![]() Step 4 Create one JavaScript file in the solution where the API method. Step 3 Get the base address by calling the service (API) method. Step 2 Store the base address of your secured server in your database table. Modify JS file so that it has its own scope (function())(). Step 1 Remove all your CSS and JavaScript files from the solution which needs security and place those files in the secured server.Not load the JS file is user if signed in.Only load the JS file where the publicity will be shown.Not loading the JS file in any page that has Login forms.Copy the external JS file and serve it from site owner's server (or is that a horrible idea? The thing is, at least this way they can't be changing it to their heart's content, since it's in the site owner's server).I know they are still in danger, but there's not much else I can do. There's no discussing not going through with this, I wanted to know if there were any kind of layers of security I might be able to add in order to protect site viewers. They do different kinds of ads (pop-ups, etc) and some other things that require the code. Said JS code is a few lines, but essentially it creates a tag and loads a minified external JS file located in the publicity company's server. This company states that in order for them to offer said ads the owner of the site must add a JS code to the site. The owner of a site wants (no ifs/ands/orButs) to get paid by a company that offers gambling ads. If someone steals it they are breaking the law and you can seek legal action against them.I understand the best way would be not to have the external JS at all, but alas, it's not possible. You may be able to move some of the logic to the server-side (and use AJAX in your app), which would of course prevent any users from using the JS without modification - they would need to replicate your server-side logic themselves.Īnd finally, don't forget that the Javascript code you write is already your property and copyrighted by you. Minify and obfuscate to prevent any easy understanding of your code, but that's all you can do in terms of JS. The real answer: you can't prevent Javascript theft at all. Furthermore, "index.html" is a terrible way to prevent folder listing, it should be accomplished server-side (e.g.htaccess file). I have created a index.html file in the js folder so that none can get access the js folderĪgain, this is worthless as anyone can see what JS file is loaded. ![]() This lets you persist data for long-term storage, save sites or documents for offline use, retain user-specific settings for your site, and more. So this won't add any extra protection.Ĥ. Modern web browsers support a number of ways for websites to store data on the user's computer with the user's permission then retrieve it when necessary. If you load an external file at any time it is captured by browsers' developer tools (check the Network tab in Google Chrome). I have used js code to add external js file and obfuscated the code so that none can understand the name of the external js file However, there are are plenty of code "deminifiers" out there that will reformat the code nicely - albeit with unintelligible variable names.ģ. It provides code re usability because single JavaScript file can be used in several html. This is a decent step as it makes it much harder to understand exactly what the code it doing. We can create external JavaScript file and embed it in many html page. So it won't prevent "casual thieves", let alone people who actually know what they're doing.Ģ. No one will ever try to steal code using right click (heck, right click doesn't give access to anything in a browser anyway). I have disabled the right click button of mouse It's impossible to prevent your Javascript from being "stolen" because the code is served to the browser.
0 Comments
Leave a Reply. |