Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

difference between uglify and obfuscate? Is one more safe?

Tags:

javascript

gruntjs

obfuscation

deobfuscation

uglifyjs

Recently I was asked to obfuscate my javascript in order to hide a client's api key. I'm using grunt.

Will grunt-contrib-uglify obfuscate my js?

What's the difference between uglify and obfuscate? Is one much more safe than the other?

like image 248
Connor Leech Avatar asked Feb 27 '14 13:02

Connor Leech

People also ask

Is obfuscate safe?

Obfuscation is a built-in security method, sometimes referred to as application self-protection. Instead of using an external security method, it works within what's being protected. It is well-suited for protecting applications that run in an untrusted environment and that contain sensitive information.

What is the difference between minify and uglify?

Minification is just removing unnecesary whitespace and redundant / optional tokens like curlys and semicolons, and can be reversed by using a linter. Uglification is the act of transforming the code into an "unreadable" form, that is, renaming variables/functions to hide the original intent...

Should I use obfuscator?

Should You Obfuscate? If you're deploying code in untrusted environments where you want to protect your source code, you should almost always use at least a basic obfuscator to rename functions, methods, and properties to make decompiling take a bit more effort.

What is obfuscation What is it used for what about Minification?

Obfuscation is the process of making your code unclear and unreadable to humans. This adds a level of security to source code specially in web world were source code is readily available. Minification is the process of removing unnecessary data present in code resulting in smaller file sizes and faster loading.

1 Answers

Uglify is a code minification tool. It parses the JS, building a token tree out of the code, which can then be used to either compress/minify the code or 'beautify' it, making it readable for debugging, etc. Uglify will NOT obfuscate your code.

On the other hand, using an obfuscation tool such as Stephen Mathieson's Obfuscator can concatenate multiple project files into one, bundling requires and packaging. In this case it also Uglifies the entire job at the end, resulting in an obfuscated, minified JS file. It's not 100% secure, there are ways to de-obfuscate JS code, but it makes it much more difficult to decipher than flat text.

HOWEVER, I would recommend keeping a client's API key out of browser-side code whenever possible. Even if it is obfuscated, it can still be found

like image 154
Isaac Avatar answered Oct 13 '22 00:10

Isaac
Sign in to Comment

Related questions

How does Facebook auto display the image in the right size depending on user screens?
Once and for all, what does navigator.onLine do?
Get string length in pixels using JavaScript [duplicate]
parse html inside cdata using jquery or javascript
Three.js Rotate camera around object (which may move)
meteor vs derbyjs who is winning this battle? [closed]
What is this communicating: my_var = my_var || 69 [duplicate]
JSON.stringify and "\u2028\u2029" check?
WebRTC Data Channel server to clients UDP communication
How to cancel getUserMedia indicator after recording
Why cant I inline call to res.json?
Why does Internet Explorer fire the window "storage" event on the window that stored the data?
Javascript backbutton event listener overrides the android device back button
d3.js chart area filling with different colors
ko.Computed() is not updating with observableArray
Node.js Server running from a sub folder
jQuery Deferred and Promise for sequential execution of synchronous and asynchronous functions
How to check for error when using yield instead of node-style callback?
Masonry & LazyLoad doesn't want to work together
check is nodejs connection come from localhost

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!