1

I actually have a js code that i want to protect, and so i use the dean edward's packer php from Nicolas Martin : http://joliclic.free.fr/php/javascript-packer/en/index.php

It correctly minify my code, but it doesn't rename var & function name (so it not obfuscate it).

For exemple, a web minifier return this :

(function(e){var t="#step1";var n="#step2";})

and the php packer return this (if i set Encoding:None, i tried with all other option, no change)

(function($){var step1="#step1";var step2="#step2";

I appreciate this php packer because it's just one short php file that i can push on all of my server or local projects (on Wamp).

Closure compiler no work very well on local projects (and if you want rename, it rename ALL, and so it seems you can't use this with library, like jQuery), and other need to use Java or Python/Ruby. I would like to use only php, if it's possible.

Anyone knows how to upgrade this php packer to do what i want ? i tried hard, and i failed hard.

Jeremy F.
  • 19
  • 2
  • 1
    You cannot "protect" Javascript code. – SLaks Sep 16 '13 at 15:00
  • Any minifier you use on the code will be basically pointless. You're serving up the JS code, and renaming the variables will only be a MINOR speedbump in stealing the code. After all, EVERY person using your code will have a copy of it anyways. Use legal means instead. – Marc B Sep 16 '13 at 15:04
  • Whan i said "protect", i mean "minify and obfuscate". It will be almost impossible after that to understand the code. Even if you try using JS decoder. Specially if variable & function names are rename like : function remove(); function r(); It's to protect against retro engineering. – Jeremy F. Sep 16 '13 at 15:04

2 Answers2

0

I've found a solution :

I backed to the Closure Compiler, and i found a PHP *version* of it here : https://code.google.com/p/php-closure/ that work with on both local machine and server.

It's called like that in the html. You call the php process and give it js filename that you want to crypt, here jquery-wa-custom-object. You can give other js file adding &otherjsname&othertwojsname

<!--  Load protected javascript -->
<script src="js/protected/?jquery-wa-custom-object"></script>

and return a text string that contains all your crypted js.

In the php-closure.php, i edited it to have renamed variables (but not function name, because it use in others js files)

Finally, it will give you a fully minified/obfuscated js that can't be understand by anyone (even if you "beautify" it) because all var are not understandable.

Jeremy F.
  • 19
  • 2
0
  1. With so much excellent code already freely provided to build on, are you sure people will be that interested in 'stealing' yours?
  2. How much of your code is built on what you've learnt from others? So pay it forward
  3. Even obfuscated code is fairly easy to deobfuscate. Just tracing the logic and renaming vars as you go is fairly quick and a good IDE that understands javascript scope can probably automate some of it.
Andy Baker
  • 21,158
  • 12
  • 58
  • 71