Re: looking for good javascript unescape encoder
- From: "Julian Turner" <julesblue@xxxxxxxxxxxxxx>
- Date: 30 Jun 2006 05:39:28 -0700
mistral wrote:
[snip]
yes, obfuscation and compressing of code is just we need.
If we talk about encryption, it is also very necessary thing, but it
must a) does not affect on code execution speed, and b) encryption
symbols used must be fully recognizable by web browsers.
I heard there is the good encryption program, which excels windows
script encoder, encrypt html code and javascripts -HTML Guardian
http://www.protware.com
http://www.protware.com/dl/HTMLGuardian.exe
and whats about Javascript Obfuscator V.2.22 ?
http://www.javascript-source.com/jsosetup.exe
Mistral
You will probably find that the majority of people visiting this
newsgroup do not use obfuscators and disapprove of their use, so you
may not find anyone who has any experience of the programs you refer to
in a live commercial environment. If you search this newsgroup you
will find a large number of posts on this issue.
I agree with this view.
Nevertheless, in my experience (having once dabbled on the dark side)
most obfuscators offer line and comment removal, and a degree of
variable name replacement, which is your basic requirement, and I would
imagine there is little difference between the products on the market
in this respect. More advance features, capable of dealing with Object
Oriented JavaScript programming and property names, will be harder to
come by.
Ultimately Google throws up many different obfuscators, free or priced.
If it is that important to your business, then you should perhaps
consider spending some time and money trialling each of these products,
and reaching your own conclusions. If your code is special enough to be
worth protecting, then you must be a skilled programmer and have some
financial backing, and so be capable of affording these products and
evaluating the results.
As others have noted, and you no doubt appreciate, obfuscators offer
protection (if any) only against the casual inexperienced programmer.
Anyone who was genuinely interested in discovering your code would also
have the skills to be able to see through the obfuscation relatively
easily.
Encryption it would appear is IMHO not possible at all, as the browser
needs some way to decrypt the code, which must be supplied along with
the page itself, thereby defeating the object.
Other efforts at code hiding I have encountered, included
- a series of nested "escapes". Again, a few minutes was all that was
needed to get round this
- a series of separate programmatic script downloads (using
document.write, or document.createElement("script")) from the server.
The HTTPRequest object soon beat those.
Whatever protection you choose, a user visiting a page with obfuscated
or encrypted code may of course be inclined to distrust the site.
The alternative is to keep any important processing confined to the
server.
Julian Turner
.
- Follow-Ups:
- Re: looking for good javascript unescape encoder
- From: Lasse Reichstein Nielsen
- Re: looking for good javascript unescape encoder
- References:
- looking for good javascript unescape encoder
- From: mistral
- Re: looking for good javascript unescape encoder
- From: David Dorward
- Re: looking for good javascript unescape encoder
- From: mistral
- Re: looking for good javascript unescape encoder
- From: David Dorward
- Re: looking for good javascript unescape encoder
- From: mistral
- Re: looking for good javascript unescape encoder
- From: Evertjan.
- Re: looking for good javascript unescape encoder
- From: Dr John Stockton
- Re: looking for good javascript unescape encoder
- From: mistral
- looking for good javascript unescape encoder
- Prev by Date: finding cordinates of selected text
- Next by Date: Re: finding cordinates of selected text
- Previous by thread: Re: looking for good javascript unescape encoder
- Next by thread: Re: looking for good javascript unescape encoder
- Index(es):
Relevant Pages
|
