securing javascript
in [JavaScript]
|
Prev: Are Unsecured Debt Consolidation Loans the Right Solution?
Next: Need help understanding javascript syntax
From: MikeJ on 14 Apr 2010 08:36 Anyone know a way to secure javascript to prevent access by anything but through the author's web site? I played with sending it through php but have not yet found a satisfactory way to prevent the script itself from being able to be downloaded. thanks
From: Tim Slattery on 14 Apr 2010 09:16 MikeJ <no_spam_please(a)nothere.com> wrote: >Anyone know a way to secure javascript to prevent access by anything >but through the author's web site? I played with sending it through >php but have not yet found a satisfactory way to prevent the script >itself from being able to be downloaded. Can't be done. The client has to download it in order to execute it. -- Tim Slattery Slattery_T(a)bls.gov http://members.cox.net/slatteryt
From: Joe Nine on 14 Apr 2010 09:30
MikeJ wrote: > Anyone know a way to secure javascript to prevent access by anything > but through the author's web site? I played with sending it through > php but have not yet found a satisfactory way to prevent the script > itself from being able to be downloaded. > > thanks You can put some code in that checks if the document domain is the same as your site and if not, it won't run. The trouble is that anyone that gets hold of your code can see that you're doing that and will just comment it out. That's where compression and obfuscation would help to hide that you're doing that. Use a minify and/or an obfuscation tool (google is your friend there) and you'll eliminate a good proportion of the people who might be tempted to steal your code. This won't stop the professional or hacker with time on his/her hands and the determined motivation to steal/use your code. But just like a car alarm won't stop a professional thief, it might be enough to annoy them into giving up and moving on to someone elses code. |