0 votes
319 views
asked in java script by (3.1k points)

 

I want to make a JavaScript application that's not open source, and thus have two questions:

  1. What's the best way to obfuscate the code?
  2. What's the best way to obfuscate the strings themselves within the application (assuming that the answer to #1 does not handle this)?

1 Answer

0 votes
answered by

i give some links to you may it's usefull to you

http://www.kahusecurity.com/2011/brilliant-javascript-obfuscation-technique/

 

for more detail

 

Obfuscation is a means of "obscuring" the real meaning and intent of your javascript code. Some sites use it as an obstacle to people who want to copy/borrow their code. Other sites use it as a means to hide the actual intention of the code.

Some forms of obscuration:

  1. Automatically renaming variables to short meaningless names to make the code less readable and harder to understand.
  2. Removing all extra whitespace and line breaks so the code is one giant long line.
  3. Making parts of the code self-generating so that a first pass of the code runs to create the actual code that then runs to carry out the intended operation.
  4. Uses character codes and string manipulation combined with eval rather than normal javascript code to construct the actual code that would run.

Obscuration is not by itself evil, but it can be used to try to hide an evil intent and that is probably what AVG was objecting to. It detected so much obscuration that it couldn't tell if the javascript was attempting to do something it was trying to prevent. As such, it declared the code as unsafe by default since it can't verify that the code seems OK.

Categories

...