Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How can a javascript library such as canvasjs manage their trial period

Disclamer : I don't want to crack canvasJS or avoid paying for it. I'm just curious for the method used for licence management

CanvasJS came with a 30 days trial licence, but how is this time managed?

Since file is downloaded directly from client to canvas server (without any information of my application server), how do they manage to know that my application server is using canvasJS for more that 30 days?

Also, if a site A is using a paid version of canvasJS, how do they manage to avoid people using the javascript on any other website?

like image 339
Golgot Avatar asked Sep 18 '18 22:09

Golgot


People also ask

How do I remove the trial version of text from CanvasJS chart?

You can download the commercial version of the library from “My Account” Page. Replacing the trial version of library in your project with the downloaded commercial version (canvasjs. min. js file) will remove the trial version text.

Can you use CanvasJS for free?

Yes, we offer free license to students and for personal use.

What is CanvasJS?

CanvasJS Charts is an HTML5 Charting library that runs across devices and browsers and has 10x Performance Compared to traditional SVG charting Libraries. This allows you to create rich dashboards that work across devices without compromising on maintainability or functionality of your web application.


1 Answers

After downloading CanvasJS and take a (fast) look at the code, I see no evident way in which it can be controlling neither trial period neither unauthorized use (abuse).

Of course, there are some approaches to control the trial period, at least. For example, embedding into the program logic some function which polls periodically a centralized server. If the server records the polling sequence, it can compute how many time has passed since the first call from each client, and so, it can notice when the trial period is over.

A more advanced standalone technique (which would not need any external server) would be to generate a serial number embedded in the code, in function of the download date. Then, some core function should validate the current time against the download date, and produce an error when the trial period has expired.

But, it does not matter how advanced a technique we apply in javascript: The weakness of all these possible techniques is that all the copyright-guarding functionalities must be coded in javascript, which at the end is executed in the client browser: Thus, at the hacker's disposal to "decompile", modify, and steal that code. So, all these techniques must necessarily rely on a strong source code obfuscation to hinder the hackers on understanding the code and finding the core functionalities. But just obfuscation, at the end, ensures no security at all.

like image 88
Little Santi Avatar answered Nov 01 '22 16:11

Little Santi