每个人都可以看到WebApps使用的库的源代码? [英] Source-code of Libraries used by WebApps visible to everybody?
问题描述
当发布的Web应用程序(可供所有人访问并以访问用户身份运行)正在使用库时,则需要将此库共享给公众给有链接的人),否则会出现错误
您无权访问图书馆...,由您的脚本使用,或者它已被删除。
这意味着,每个有链接到我的图书馆的人都可以看到所有珍贵的源代码。现在的问题是,有人可以猜测这个链接,看起来像
https://script.google.com/a/ macros /..../ d / Mmov_2Lg8BnmygsjmTBZMqKFZSw7a2n3o / edit?template = default
或者这个链接既不是包含在使用WebApp交付给Web应用的Web内容中,还是可以轻松地从库的(猜测)名称派生出来?如果上述链接中以Mmov_2Lg8B开头的字符串是该库的编码名称和版本号,并且该算法可以在两个方向上运行,那么情况就是这样。
总结:源代码已发布的Web应用程序对用户是不可见的,但该应用程序使用的所有库都可以被链接到它们的每个人看到。这个链接很容易猜测吗?或者是否有一种完全不同的方法来保持库的源代码是私有的?
请参阅Henrique答案的评论 - 库网址不是可猜测的,并且
Having a similar constellation as in ScriptDb in Library accessed by WebApp, and also the answer given there applies to this question too:
When a published WebApp ( accessible by everybody and running as the accessing user) is using a Library, then this library needs to be shared to the public (to people having the link), otherwise there is the error
"You do not have access to library ..., used by your script, or it has been deleted."
So that means, that everybody having the link to my library can see all that precious source-code. The question is now, can somebody guess that link, which looks like
https://script.google.com/a/macros/..../d/Mmov_2Lg8BnmygsjmTBZMqKFZSw7a2n3o/edit?template=default
or is this link neither contained in the web-content delivered to the one using the WebApp nor can it be derived easily from a (guessed) name of the library? That would be the case, if that string in the above link starting with Mmov_2Lg8B somehow is an encoded name and version-number of the library, and the algorithm works in both directions.
To summarize: The source code of a published WebApp is not visible to the user, but all libraries used by that App can be seen by everybody having the link to them. Is this link easily guessable? Or is there even a completely different way to keep the source-code of libraries private?
See the comments on Henrique's answer - the library url is not guessable and is not in the webapp.
这篇关于每个人都可以看到WebApps使用的库的源代码?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
