0

My question is : how can you hide a javascript file even if you need to use it ?

It is possible to denied access to the source code of a javascript file ? Like if I insert it in my page, functions and other stuff will work but when someone try to access it directly or whatever, it will fail. Any ideas ?

I've done some research but didn't found what I really wanted.

Scott Harwell
  • 7,457
  • 2
  • 28
  • 41
David Bélanger
  • 7,400
  • 4
  • 37
  • 55
  • 2
    short version: **its impossible**, long version: _there are tricks to make access to file very complicated, but they will not stop a dedicated attacker_ – c69 Jan 14 '12 at 01:06
  • possible duplicate of [How can we restrict the user from saving a web page?](http://stackoverflow.com/questions/615982/how-can-we-restrict-the-user-from-saving-a-web-page) – Ben S Jan 14 '12 at 01:06
  • 1
    If you're worried about people reviewing you code, you could obfuscate it with a tool like dean edward's packer. It won't make it impossible to decode but it would be a pain. Also, obfuscation will cause a performance hit. – Scott Harwell Jan 14 '12 at 01:09
  • JavaScript files are publicly distributed by web-servers. – Šime Vidas Jan 14 '12 at 01:12
  • 1
    Technically, if you inline all your JS code so that it's not in an external file, it can't be hotlinked by others directly via ` – Marc B Jan 14 '12 at 01:30
  • Actually there is a small tool that securely hides your JS-sources http://stackoverflow.com/a/15437976/2166687 – wowei Mar 15 '13 at 18:18

4 Answers4

3

The short answer, no it can not.

If its being executed, its being seen.

Dan Kanze
  • 18,485
  • 28
  • 81
  • 134
2

Because javascript is an interpreted language (not compiled) a copy of the source code has to be copied to the users computer. There is no way to stop them from looking at it on their hard drive or using the built in functions of their browser.

annonymously
  • 4,708
  • 6
  • 33
  • 47
1

If you're transmitting a file to a user, they can look at it.

The only to guarantee a user can't look at the contents of a file is to not send it to them.

Ben S
  • 68,394
  • 30
  • 171
  • 212
1

http://www.stunnix.com/prod/jo/

You can use this tool or similar ones to make it harder for your code to be human readable, but you can't stop people from looking at the code.

rfinz
  • 372
  • 6
  • 14