HIDING UR JAVA SCRIPT FROM SOURCE CODE
if you put your javascript in an external javascript file that is included with:
<script type="text/javascript" src="http://mydomain.com/xxxx.js"></script>
tags, then the javascript code won't be immediately visible with the View Source command - only the script tag itself will be visible that way. That doesn't mean that someone can't
if you put your javascript in an external javascript file that is included with:
<script type="text/javascript" src="http://mydomain.com/xxxx.js"></script>
tags, then the javascript code won't be immediately visible with the View Source command - only the script tag itself will be visible that way. That doesn't mean that someone can't
just load that external javascript file to see it, but you did ask how to keep it out of the browser's View Source command and this will do it.
If you wanted to really make it more work to view the source, you would do all of the following:
1.Put it in an external .js file.
2.Obfuscate the file so that most native variable names are replaced with short versions, so that all unneeded whitespace is removed, so it can't be read without further processing, etc...
3.Dynamically include the .js file by programmatically adding script tags (like Google Analytics does). This will make it even more difficult to get to the source code from the View Source command as there will be no easy link to click on there.
4.Put as much interesting logic that you want to protect on the server that you retrieve via ajax calls rather than do local processing
If you wanted to really make it more work to view the source, you would do all of the following:
1.Put it in an external .js file.
2.Obfuscate the file so that most native variable names are replaced with short versions, so that all unneeded whitespace is removed, so it can't be read without further processing, etc...
3.Dynamically include the .js file by programmatically adding script tags (like Google Analytics does). This will make it even more difficult to get to the source code from the View Source command as there will be no easy link to click on there.
4.Put as much interesting logic that you want to protect on the server that you retrieve via ajax calls rather than do local processing
No comments:
Post a Comment