1

Possible Duplicate:
Is it possible to hide or scramble/obfuscate the javascript code of a webpage?

Is there a way to hide the .js files to stop people from seeing the code and functonality behind. Is there a smart way to do this?

Community
  • 1
  • 1
Androidian
  • 553
  • 2
  • 7
  • 16
  • 1
    You can't. Everything the browser sees, the user can as well. – Felix Kling Feb 29 '12 at 15:20
  • Chrome has many tools that makes any "obfuscator" tools irrelevant. you can "prettify" javascript with the debug tools. If there is something sensitive in your code , do it server-side and use ajax to get the results. Everything that is on the client can be accessed and modified freely , there is nothing you can do about it. – mpm Feb 29 '12 at 16:25

5 Answers5

1

In short, no.

Obsfucators can be reversed using prettifiers, like BeautifulSoup.

If you don't want your source accessible by your users, use server-side code.

  • the layout can indeed be reversed but variable and function names will stay cryptic. That makes reading it very hard. You're right, though, that code that *really* needs to be hidden should be on the server. – xxbbcc Feb 29 '12 at 15:29
1

What do 'the JS files' you're referring to do at the moment? Depending on that, it may be possible to move certain functionality to server-side scripts which are hidden. The kind of code that you might want to be hidden is probably the kind that belongs server-side anyway ...

Bobby Jack
  • 15,689
  • 15
  • 65
  • 97
0

I don't think so because this way the browser can not see your code !

By the way, you can obfuscate your code, it is acceptable security.

Look at this : http://javascriptobfuscator.com/

Jerome Cance
  • 8,103
  • 12
  • 53
  • 106
0

You can try obfuscating it. It won't be hidden but it'll be mighty hard to read.

This page has links to various obfuscators.

Community
  • 1
  • 1
xxbbcc
  • 16,930
  • 5
  • 50
  • 83
0

As the nature of client-side app is to be run on the client, you will never be able to hide your code from the clients.

One thing you can do is make it as hard to read and understand as possible. This is called obfuscation. There exist a couple JavaScript obfuscator, I suggest you make a Google search. This one might not be the best but it can clearly show you how it's done. It converts this

var a="Hello World!";
function MsgBox(msg)
{
    alert(msg+"\n"+a);
}
MsgBox("OK");

To this

var _0xa6ca=["\x48\x65\x6C\x6C\x6F\x20\x57\x6F\x72\x6C\x64\x21","\x0A","\x4F\x4B"];var a=_0xa6ca[0];function MsgBox(_0xc324x3){alert(_0xc324x3+_0xa6ca[1]+a);} ;MsgBox(_0xa6ca[2]);
Alex Turpin
  • 46,743
  • 23
  • 113
  • 145