0

Many posts have stated that compiling or otherwise protecting javascript code is not fundamentally possible in the browser context, for example:

How do I protect javascript files?

However, nw.js (fka node webkit) says that it makes it possible to protect javascript source code for use in a browser context through compilation:

https://docs.nwjs.io/en/latest/For%20Users/Advanced/Protect%20JavaScript%20Source%20Code/#:~:text=The%20JavaScript%20source%20code%20of,with%20your%20app%20for%20production.

Is it truly possible to protect js code through compilation using nw.js (or other tools), which would mean that prior posts on this topic may need to be revised? Is this actually correct?

To be clear, I'm not asking about Obfuscation, which makes the code hard to read but can be reverse-engineered, eg see:

How can I obfuscate (protect) JavaScript?

I'm asking about whether there is a practical process that would make javascript code sufficiently protected that it would be hard or ideally impossible to reverse-engineer (harder than just using good obfuscation).

Thanks

user2330237
  • 1,629
  • 5
  • 20
  • 39
  • 1
    Ultimately, if you send code in any form to anybody who accesses your URL, you have to face the fact that somebody can "de-compile" it. The more valuable *you* think it is, the more valuable somebody else might think it is, so money can be thrown at the problem. – Pointy Sep 19 '20 at 21:21
  • Also, NW.js is for creating local applications with a mash-up of Chromium and Node; it is not about sending code to browser clients. In a browser, the options you have are plain JavaScript and Web Assembly (wasm) (which doesn't have universal support). – Pointy Sep 19 '20 at 21:24
  • Even native code compiled to binary form can be reverse-engineered by someone with the right tools and knowledge. Bottom line - if a browser can execute the code, it is impossible to hide the code's structure from someone who wants to find it. – backtick Sep 19 '20 at 21:49

0 Answers0