I have a react application deployed without source maps. I'm using react-scripts instead of having ejected and configure the build from scratch. My question is, is this safe enough to prevent from somebody steal my original code? Should I eject and use another uglify/obfuscate library?
Thanks a lot!
Yes. But minifying/uglifying is safe 'enough'. JavaScript files inevitably show off everything in browser-side, so we cannot hide source code perfectly. obfuscating library may slower your codes. Just keep in mind that you should not include secret keys in your JavaScript code.
Uglify -- like any other minifier -- has nothing to do with preventing theft of your code. Minifiers make the code smaller, and have a side effect of being harder for humans to read, but the functionality is exactly the same. There is absolutely nothing that prevents someone from reverse-engineering Javascript executed in their browser. When a user "visits" your site, it's really just a download where you're essentially saying, "here, have the code for this application so you can run it".
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.