Time to think about protecting all that hard work through obfuscation?
I thought so once; then I thought twice.
What is obfuscation?
obfuscation is making your code harder to read; including by replacing meaningful identifiers (names) with meaningless ones. The code resulting code is still valid code which can be run.
It is not
It is not
compilation. Compilation is the creation of byte code or binary.
It is not
Windows Script Encoder is of no use; a quick search will find you a number of decoders.
It is not
compression. Compression expresses the code in fewer characters; but often retains the original code information and identifiers, which can easily be retrieved by running the decompression function on the code.
Does it really provide security?
Does you really need security?
There is also probably little again that your suffiently skillful, experienced and determined programmer could not re-invent for themselves.
Will the community approve?
Obfuscation will not make you many friends.
Should I trust you?
If I am to download your script into my browser, am I prepared to trust you if I am unable to read the script?
Is it worth the effort?
There are a lot of potential technical pitfalls / headaches which await the would-be obfuscator. Is it worth all that stress?
- If you remove line breaks, then mind your semi-colons.
- You need to avoid accidentally obfuscating DOM names such as "document", "body" etc.
- If your code is in more than one file, how do you ensure the same obfuscated names are used accross all files?
If you get an error, it feels like a needle in a very big haystack.
Is there an alternative?
If the code needs to be kept secure, either to protect your work, or to conceal a secret business process, can it be left on the server instead? Why does it need to be downloaded to the client?
Alternatively, perhaps you could look at creating a Java applet, which has some protection, being expressed as it is in byte code.
Do you want compression instead?
Still not convinced?
Ok, ok, you get the point.
Well there are plenty of commercial offerings on the market place, and some are probably very good. But you will have to reach your own opinion.
It is undocumented, unsupported, and will only run in Internet Explorer 6. It is about a 250k download, and, guess what, I did not obfuscate it, so you can see how it works; although my code is a spagetti mess, so you might think it was obfuscated!
It is not a windows application, despite the look and feel. I once started writing my own web-application framework; then I discovered some others (e.g. Bindows); so I gave up.
You are licensed to use this for home and commercial evaluation puposes only. It may not be used for business purposes, or for code destined to be used in a business.