简体繁体 English

ASP.NET MVC Dotfuscator问题

[英]ASP.NET MVC Dotfuscator problems

原文 2009-10-13 10:30:56 1 2 c#/ asp.net/ asp.net-mvc/ visual-studio-2008/ dotfuscator

I am trying to use Dotfuscator (CE) to help protect our ASP.NET MVC .ddl. 我正在尝试使用Dotfuscator（CE）来帮助保护我们的ASP.NET MVC .ddl。 Its a web application that will be distributed to clients and we need a way to protect our IP. 它是一个将分发给客户的Web应用程序，我们需要一种方法来保护我们的IP。

The problem is that it appears to break the application once completed. 问题是它一旦完成就会破坏应用程序。 I've only got so far with disabling renaming on my Controllers namespace but I'm get null reference exceptions now. 到目前为止我只能在我的Controllers命名空间上禁用重命名，但我现在得到空引用异常。

Has anyone got Dotfuscator working with ASP.NET MVC DLL's? 有没有人让Dotfuscator使用ASP.NET MVC DLL？ Google provides no possible blog posts or information. Google不提供任何可能的博文或信息。

Thanks. 谢谢。

Other details: 其他详情：

Visual Studio 2008 Professional, Visual Studio 2008专业版，

Windows Vista Business x64, Windows Vista Business x64，

Registered my Dotfuscator but not had an email with a download link for the upgraded CE edition. 注册我的Dotfuscator但没有收到升级版CE版下载链接的电子邮件。

Or can anyone suggest a relatively cheap tool that would work properly? 或者任何人都可以建议一个相对便宜的工具，它可以正常工

2 个解决方案

I don't think that will work because ASP.NET MVC relies so heavily on reflection. 我认为这不会起作用，因为ASP.NET MVC非常依赖于反射。

I have successfully obfuscated an ASP.NET MVC application using SmartAssembly and the control-flow-obfuscation option it has. 我已经使用SmartAssembly和它具有的control-flow-obfuscation选项成功地模糊了ASP.NET MVC应用程序。 That does't change the name of your class members but instead changes the code in your methods into spaghetti code. 这不会改变类成员的名称，而是将方法中的代码更改为spaghetti代码。

It is true that ASP. ASP确实如此。 NET MVC relies heavily on reflection, and therefore you cannot obfuscate the type or properties which will be reflected. NET MVC在很大程度上依赖于反射，因此您无法模糊将要反映的类型或属性。 However, I would argue that there is no need to obfuscate most of this stuff anyway. 但是，我认为无论如何都没有必要混淆大部分内容。 Your controller names and action names are already public, since they appear in URIs. 您的控制器名称和操作名称已公开，因为它们出现在URI中。 Your presentation models are essentially public as well, since they should be designed like your view, and since end-users can see your view. 您的演示模型基本上也是公开的，因为它们应该像您的视图一样设计，因为最终用户可以看到您的视图。

Your controllers should be very lightweight, and simply bind objects from a repository to your presentation models. 您的控制器应该非常轻量级，并且只需将对象从存储库绑定到您的演示模型。 So there is little intellectual property to hide here. 因此，隐藏在这里的知识产权很少。

The code you would actually want to obfuscate would presumably be your business logic, which can very easily live in a separate assembly. 您实际想要混淆的代码可能是您的业务逻辑，它可以很容易地存在于单独的程序集中。 So my suggestion would be that rather than trying obfuscator after obfuscator, and trying to find one which seems to work (except for those bugs which you miss, but your users find later on), that you instead partition the code which is important to obfuscate and his not so dependent on reflection. 所以我的建议是，不是在混淆器之后尝试混淆器，而是试图找到一个似乎有用的混淆器（除了你错过的那些错误，但是你的用户稍后会发现），你改为对代码进行分区，这对于混淆是很重要的。他并不那么依赖反思。