禁止来自Browserify的敏感文件
[英]Disallow sensitive file from browserify
问题描述
Browserify allows using the same module on both server and client, which is good. 
Browserify允许在服务器和客户端上使用相同的模块,这很好。
However some files I don't want included in a browserify bundle, for example a properties file containing sensitive data. 但是,某些我不想包含在browserify捆绑包中的文件,例如包含敏感数据的属性文件。 Obviously I wouldn't intentionally include it, but I want to go a step further and prevent it from even being possible, say by accident or by a developer who's unfamiliar with the setup. 显然,我不会故意包含它,但我想更进一步,甚至阻止它成为可能,例如偶然或不熟悉该设置的开发人员。
Right now I have this: 现在我有这个:
// fail browserify but not node
try { require('./kill/browserify'); }
catch(ex) {}
...which I think should work since node includes dynamically but browserify includes statically, but I was wondering if there was a less hackish way? ...我认为这应该可行,因为节点动态包含但浏览器静态包含,但是我想知道是否有一种更简单的方法? Like some sort of comment directive: 就像某种注释指令:
// is something like this possible?
/* @browserify disallow */
1 个解决方案
解决方案1
2 2014-11-10 23:33:06
--exclude, -u Omit a file from the output bundle.
If your code tries to require() that file it will throw unless you've provided another mechanism for loading it.
The above answer works only at runtime as @greim mentioned. 上面的答案仅在运行时有效,如@greim所述。 Another solution that should work at bundle time is to use a browserify transformer to alias your protected file to something that does not exist. 捆绑时应使用的另一种解决方案是使用browserify转换器将受保护的文件别名为不存在的文件。
Using aliasify: 使用别名:
aliasify = require('aliasify').configure({
aliases: {
"file-protected": "./path/to/protected"
}
});
var b = browserify();
b.transform(aliasify);
...
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.