3

I have seen online javascript obfuscation tools. Would it be feasible or considered reasonable to have such a process run as a part of the build procedure for a web application, or how is obfuscation generally achieved?

Is it more of a manual process of creating a backup of the javascript to store with the project, and then running the contents through an obfuscator before doing a build? It seems like it would be cool to have an ant task that you could include as part of the build to handle that for you

user1154644
  • 4,491
  • 16
  • 59
  • 102

1 Answers1

5

Yes, that is quite possible and it should be done that way.

I find JScrambler a great solution for code protection and obfuscation, and they have support for build automation with their API clients. I personally use the Grunt JScrambler, but I've also tried the Gulp version.

For your particular case, you might want to take a look at this one Ant. I didn't tried though. There's a Java client also.

I also test the code after obfuscation, and before deploying it. I basically run my unit tests obfuscated for that.

Oliver Tony
  • 101
  • 2
  • As of today, JScrambler does not support the spread operator (...) – Sxilderik Oct 19 '18 at 11:47
  • The best obfuscator I’ve come across (granted, I did not try many of them), is obfuscator.io , which can be run on CLI through npm or yarn. It supports ES8. Plus it is free. – Sxilderik Oct 22 '18 at 10:58