防止Javascript显示源代码
[英]Preventing Javascript from showing source code
问题描述
I've looked at I can't find a suitable solution.
我看过我找不到合适的解决方案。
When you right-click and view the HTML source, then click on the link to a JavaScript (.js) file, the file loads and displays the code.当您右键单击并查看 HTML 源代码时,然后单击指向 JavaScript (.js) 文件的链接,该文件将加载并显示代码。
I want to prevent this.我想阻止这种情况。 It's been a while but I know you can check to see where it's being called and prevent it from opening if it's not called locally, ie, on the domain where it lives, but I can't remember how.已经有一段时间了,但我知道你可以检查它被调用的位置,如果它不是在本地调用,即在它所在的域上,则阻止它打开,但我不记得如何。
1 个解决方案
解决方案1
3 已采纳 2023-01-29 01:31:13
This is not possible.这是不可能的。 If your code is not sent to the client, then the client won't have any code to run, and anything sent to the client can be read by the user.如果你的代码没有发送到客户端,那么客户端将没有任何代码可以运行,发送到客户端的任何内容都可以被用户读取。 Even if you found a way for the browser to hide it, a technologically knowledgeable user can just use cURL to see the source.即使您找到了浏览器隐藏它的方法,技术知识丰富的用户也可以使用 cURL 来查看源代码。
So there is no way to hide code from the user, but you can very easily make it much harder to understand.所以没有办法对用户隐藏代码,但你可以很容易地让它更难理解。 The most common way of doing this is to obfuscate the code or make it so convoluted and ugly that it would take a while for someone to understand what it exactly does.最常见的做法是混淆代码,或者使其变得非常复杂和丑陋,以至于人们需要一段时间才能理解它到底做了什么。 This is not just minifying the code and making it look ugly, this is using a completely different way of doing the same thing.这不仅仅是缩小代码并使其看起来丑陋,这是使用完全不同的方式来做同样的事情。 For example, take this input code:例如,采用以下输入代码:
a = 1; b = 2; console.log(`${a} + ${b} = ${a+b}`);
run it through this online obfucator and get this result:通过这个在线混淆器运行它并得到这个结果:
function _0x1450(_0x197943,_0x16e058){var _0x551a06=_0x551a();return _0x1450=function(_0x14505a,_0x1c7cf5){_0x14505a=_0x14505a-0xca;var _0xf62bf8=_0x551a06[_0x14505a];return _0xf62bf8;},_0x1450(_0x197943,_0x16e058);}function _0x551a(){var _0x34958f=['373970NKtNQT','8pCfaUJ','\x20+\x20','4413552ZtbXUP','339267FzcTIn','542560KzWApk','21632xuvhlJ','10518057bZIWFW','1694pVgAOK','\x20=\x20','1622674nEQaGr'];_0x551a=function(){return _0x34958f;};return _0x551a();}var _0x328ff8=_0x1450;(function(_0xb3255b,_0x38cc1a){var _0x317b39=_0x1450,_0x1f62b4=_0xb3255b();while(;;[]){try{var _0xaf9fd=parseInt(_0x317b39(0xd4))/0x1+-parseInt(_0x317b39(0xce))/0x2+-parseInt(_0x317b39(0xd3))/0x3+parseInt(_0x317b39(0xd0))/0x4*(-parseInt(_0x317b39(0xcf))/0x5)+-parseInt(_0x317b39(0xd2))/0x6+parseInt(_0x317b39(0xcc))/0x7*(parseInt(_0x317b39(0xca))/0x8)+parseInt(_0x317b39(0xcb))/0x9;if(_0xaf9fd===_0x38cc1a)break;else _0x1f62b4['push'](_0x1f62b4['shift']()),}catch(_0x5453e4){_0x1f62b4['push'](_0x1f62b4['shift']()),}}}(_0x551a,0x87bdb),a=0x1;b=0x2,console['log'](a+_0x328ff8(0xd1)+b+_0x328ff8(0xcd)+(a+b)));
Does that code make sense to you?该代码对您有意义吗? Me neither.我也不。 Does it run?它运行吗? Yes.是的。
It should be noted that code can and has been de-obfuscated, however, it is a laborious task.应该注意的是,代码可以并且已经被去混淆,但是,这是一项艰巨的任务。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.