|
[[ Protect your .js files - A true and effective way
|
Email
|
| Submitted on: |
12/5/2002 10:11:52 AM |
| By: |
Eugenio Y.
|
| Level: |
Intermediate |
| User Rating: |
By 9 Users |
| Compatibility: |
JavaScript |
| Views: |
19058 |
|
|
|
|
|
After spending several weeks debuging a script, it's not nice knowing that any dumb web designer can steel your code without permission.
This solution uses ASP and cookies to encrypt the code inside javascript functions. The key to decrypt the code is stored in a cookie, so the client can't get it.
There must be some way to hack this, but it will keep your code away from 99% users.
If you find a way to hack it, post a comment. It would help to improve the code.
I've seen other solutions in PSC but none of them work as this one.
Don't forget to vote!
|
| |
|
 Download code
Note: Due to the size or complexity of this submission, the author has submitted it as a .zip file to shorten your download time. Afterdownloading it, you will need a program like Winzip to decompress it.Virus note:All files are scanned once-a-day by Planet Source Code for viruses, but new viruses come
out every day, so no prevention program can catch 100% of them. For your own safety, please:
- Re-scan downloaded files using your personal virus checker before using it.
- NEVER, EVER run compiled files (.exe's, .ocx's, .dll's etc.)--only run source code.
If you don't have a virus scanner, you can get one at many places on the net
including:McAfee.com
|
Terms of Agreement:
By using this code, you agree to the following terms...
- You may use
this code in your own programs (and may compile it into a program and distribute it in compiled format for languages that allow it) freely and with no charge.
- You MAY NOT redistribute this code (for example to a web site) without written permission from the original author. Failure to do so is a violation of copyright laws.
- You may link to this code from another website, but ONLY if it is not wrapped in a frame.
- You will abide by any additional copyright restrictions which the author may have placed in the code or code's description.
|
Report Bad Submission
|
Your Vote
|
| |
Other User Comments
|
 12/6/2002 11:16:27 AM:
Well, since you asked to post the hack.. Here ya go. (I'll include some ideas to make it stronger in the next post)
1)Load the web page.
2)view source.
3)see that a = getCookie("Key")
4)type javascript:void(a=getCookie("Key")) into the browser's address bar and hit enter, now the key is stored in a global variable "a".
4b) Or if desired, type javascript:alert(getCookie("Key")) and the key will be displayed.
5)See the line eval(decrypt("...",a))
6)use cut and paste to type this in the address bar: javascript:alert(decrypt("...",a)) Hit enter and that line will be displayed in it's original form.
7)You'll have to repeat step 6 for every line.. so if you encrypted your code in 50 different pieces, maybe it would be too much trouble.
(If this comment was disrespectful, please report it.)
|
12/6/2002 11:17:00 AM:
So.. to improve the code..
1)Don't make getCookie("Key") so visible, hide it in the decrypt function, and while your at it just grab the 10 lines of the getCookie function and use them directly in the decrypt function.. you wouldn't have to include cookies.js then.
2)Don't provide a nice decrypt function capable of displaying the original js. Here's how:
Take this line: eval(decrypt("...",a))
And make it d("...")
The point here is to move the eval line into the decrypt function. This way, the ONLY thin it can do is RUN the code, not display it.
The only problem here though, is that local variables will not persist from one encrypted block to another, so either put the entire contents of your encrypted function into ONE block, or only use global variables.
(If this comment was disrespectful, please report it.)
|
5/28/2003 1:19:37 PM: PFillion
Nice idea, but I think that code is ment to be shared.
(If this comment was disrespectful, please report it.)
|
7/26/2003 1:53:27 AM: Taylor K.
there is no actual way to secure js so don't try
(If this comment was disrespectful, please report it.)
|
9/12/2003 3:45:17 AM: Agret
Just use the microsoft javscript encryptor then you set the language as JS.Encode when using it :)
(If this comment was disrespectful, please report it.)
|
4/11/2004 6:33:25 PM: Stefan Aichholzer
If an user goes File -> Save As and saves the complete web page, he'll have the .js files...
Pretty hard to get, huh?
(If this comment was disrespectful, please report it.)
|
9/20/2004 1:49:47 AM:
I definately agree with
(If this comment was disrespectful, please report it.)
|
3/27/2005 6:29:24 AM:
Don't hate, appreciate thuggstas
(If this comment was disrespectful, please report it.)
|
12/1/2005 4:10:43 PM: ZimDale
hmm I have an idea about this....what about using PHP or ASP and store the code in a MySQL Database and somehow have it load the code streight out of the database...not sure if it can be done not a wiz at PHP or ASP :( but hey its an idea :)
(If this comment was disrespectful, please report it.)
|
8/21/2006 1:01:29 AM: Vipin Kumar
I want a code that block non numeric values to enter in database.
(If this comment was disrespectful, please report it.)
|
6/12/2008 12:55:08 AM: el
please
give
a
project.
for my
basis
thanks and Godbless!
(If this comment was disrespectful, please report it.)
|
Add Your Feedback
Your feedback will be posted below and an email sent to
the author. Please remember that the author was kind enough to
share this with you, so any criticisms must be stated politely, or they
will be deleted. (For feedback not related to this particular code, please
click here instead.)
To post feedback, first please login.
|
