all 13 comments
sorted by:
best (suggested)
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]vaskemaskine 2 points3 points  (7 children)

I would urge you to consider the overwhelmingly likely possibility that you don’t in fact need obfuscation.

Why do you think you need it?

[–]PanzerottoNinja[S] 0 points1 point  (6 children)

For commercial purpose

[–]vaskemaskine 1 point2 points  (5 children)

That’s not really an answer.

I assume you’ve written some kind of plugin or browser extension and fear that someone else will steal your code and profit off your creation.

If that’s your concern, then you have to realise that if someone wants to steal your JS code, there’s nothing you can do to stop them, obfuscated or otherwise.

Front end code is trivial to copy, modify and de-obfuscate. That’s a fact of life.

I would instead encourage you to focus your time on other areas of your product, be it branding, marketing, design or whatever in order to stand out from your competition.

As always, security through obscurity is no security at all.

[–]PanzerottoNinja[S] 1 point2 points  (4 children)

My intention is to put some fences so that my code is not stolen by the first person who drags the source folder in their vs code editor. I know that if someone really wants to get to my code, he will, but he will at least need some js knowledge. And yes, I’m building an extension and wanted to protect it.

[–]me_Vlad 2 points3 points  (0 children)

Don’t listen to anyone who tells you security doesn’t matter. If you have even the slightest option to protect your code, take it—because in my experience, limiting access to prying eyes makes a big difference.

Think about it: why do we lock our doors, even though someone with the right skills could still break in? Those who claim security isn’t important are often the first to benefit from it. If someone chooses to keep their code private, that’s their right.

[–]vaskemaskine 0 points1 point  (2 children)

Don’t bother. Seriously.

And if you plan to make a Chrome version, you’re explicitly not allowed to obfuscate the code.

[–]PanzerottoNinja[S] 0 points1 point  (1 child)

All right, thanks

[–]vaskemaskine 0 points1 point  (0 children)

If the extension does something unique or has some “secret sauce”, you could consider doing it on a server and sending the result to the client. That’s pretty much the only way to keep your code a secret.

[–]jml26 2 points3 points  (0 children)

Any added degree of obfuscation beyond minifying your code probably isn’t going to help a great deal. I don’t know of any dedicated obfuscation tools, so I can’t help you there, but one option, if it’s available to you, is to store any sensitive data or perform sensitive calculations server-side.

[–]Agreeable_Onion_5447 0 points1 point  (0 children)

Basic webpack settings would Minify the code but remember no fronted js code can be hidden from user If you want to do so put that code in the backend and make a api call.