JavaScript混淆和缩小 [英] JavaScript Obfuscation and Minification

问题描述

现代JavaScript混淆/缩小工具如何保护我的代码不受逆向工程的影响?此外，哪种混淆平台最能防止这种情况发生?使程序去模糊化代码并使过程变得毫无意义似乎很容易.

How well can modern JavaScript obfuscation/minification tools protect my code from reverse engineering? Also, what obfuscation platforms are the best for preventing this? It seems it would be rather easy to make a program to deobfuscate code and make the process rather pointless.

如果这不是完美的选择，那么是否有任何解决方案都依赖于远程提供的代码?

If this is not something that is perfect, are there any solutions that rely on code being served remotely?

推荐答案

对模糊处理您所能做的就是让坚定的黑客更多地工作，以便借用您的代码或了解如何使用您的代码.如果确定，您将无法阻止.

All you can do with obfuscation is make a determined hacker work more in order to borrow your code or understand how to use your code. You cannot prevent it if they are determined.

有很多程序可以缩小代码的大小，使其再次可读或可调试.删除所有有意义的变量名和明显的代码注释确实可以使人们更容易理解代码，但并不能阻止坚定的黑客这样做.

There are lots of programs out there that will de-minify code to make it readable or debuggable again. Removing all the meaningful variable names and obviously code comments does make it more work for someone to understand the code, but does not prevent a determined hacker from doing so.

必须受到保护的算法或商业机密应该不包含在客户端JavaScript中，而应在服务器上执行，并将结果直接放入页面中或通过Ajax调用放入页面中

Algorithms or trade secrets that must remain protected should not be in client-side javascript, but rather should be performed on a server with results put directly into the page or put into the page via ajax calls.

这篇关于JavaScript混淆和缩小的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！