Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Does silverlight code need protection?

I don't quite understand how Silverlight code works within the browser. Are the assemblies downloaded to the client machine? Is there any chance of the code getting decompiled using Reflector or some similar tool? If so, what options does one have to protect the code? Do .net obfuscators work with Silverlight?

like image 698
Emrah Diril Avatar asked Oct 28 '08 17:10

Emrah Diril


2 Answers

Whenever you are in a web browser, all client side code is downloaded to the machine and can be examined by the user. This goes for Javascript, Flash, and Silverlight.

If you have proprietary code that absolutely must be hidden then you need to put it on the server and expose an API that the clients can call to show information to the user.

like image 175
17 of 26 Avatar answered Sep 22 '22 13:09

17 of 26


To view a Silverlight application the client download a .xap file that contains the dll and one configuration xml and optional resources. The dll contains compiled c# code that runs in a Silverlight runtime in client machine. Silverlight runtime is basically a subset of complete .net runtime. So the point is user gets the code in dll and then can use tools to get original source code. So at most you can do is obfuscation. Still for very critical code that should not be the option. You can use some other way (WCF or other webservices to hide some part of your code may be) if it shouts your need.

like image 35
Tanmoy Avatar answered Sep 25 '22 13:09

Tanmoy