I have a few questions regarding JavaScript obfuscation on client side.
First question: What is the best tool or best three tools which ones you could suggest for this operation?
Second question: How developers should debug such code (in example with firebug) when extreme situation appears in the production if the code is obfuscated?
P.S. - I know that it's bad practice to debug in production, but we had some emergencies and experienced sometimes such situations.
Thanks for any help!
Name obfuscation does not affect the performance and should always be used. You can virtualize methods that are not computationally intensive. Otherwise, control flow obfuscation should be used.
JavaScript code obfuscation is a series of code transformations that turn your exposed code into a protected version of the code that is extremely hard to understand and reverse-engineer.
Because the source code of this agent is exposed, attackers can tamper with its logic to bypass it and make it much harder for providers to block their accounts.
Obfuscating your code is not a good idea. It will only inconvenience legitimate users (eg. when they need to fix a bug), and do nothing to 'protect' it from people who have a (financial) incentive to reverse-engineer it. It is fundamentally impossible to prevent reverse-engineering of Javascript code.
1) closure compiler with advanced optimizations
2) First double their pay, then show them jsbeautifier.org
If you are looking for obfuscation I would say JScrambler. They also have a comparison table on the site that lists other well known javascript obfuscators.
For debugging you could use something like SpiderMonkey or Rhino. Firebug is very good to retrive the decoded source code when encoding is applied.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With