I was wondering how many of you currently Obfuscate your program code? in particular I am interested in those of you who go to the trouble of Obfuscating your JavaScript, and if so why? and what software do you use?
The reason I ask is that this was a practice I initially thought a good idea to protect my clients investment from their competitors, however I am very much leaning towards an Open Source approach development these days as best practice - after all good code should be free for everyone to view!
With development tools such as Firebug which appear to be Impervious to even the best JavaScript Obfuscation tools - is it ever worth the bother?
Hi Ralph M - Thanks for your reply. I agree it doesn’t seem sensible, and not really in the spirit of an ‘open web’ which is surely the only way forward
I was wondering how many of you currently Obfuscate your program code? in particular I am interested in those of you who go to the trouble of Obfuscating your JavaScript, and if so why? and what software do you use?
We use VarHammer JavaScript obfuscator to protect client-side scripts.
I do use uglify to compress and minify all my scripts.
Purely for optimization, not to try and protect the code - there’s nothing worth protecting in javascript anyways.
With development tools such as Firebug which…
You can actually hide script from the DOM inspector pretty easily if you don’t put stuff in the window scope and wrap everything in an IFEE
This coupled with uglify makes it pretty hard to see what’s going on.
Even if you do that the JavaScript debugger can still step through the code statement by statement so that you can easily see what each statement is doing.
All browsers except Firefox (and IE7) have a debugger built in and there are debuggers available to add to Firefox and IE7 that provide them with the same ability to step through any JavaScript one statement at a time.
Javascript obfuscation isn’t worth the hassle - you’re far better to protect your php where the guts of your processing will be done. It’s there where your intellectual property really matters. We compress Javascript but don’t generally obfuscate Javascript unless it comes that way from a third party library.
