Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

javascript source map : keeping map file local only to debug production javascript

Tags:

javascript

google-chrome

source-maps

I would like to debug production website, but I don't want to upload the map file on the server (for privacy reason, because it is public right ?).

Is it possible ?

like image 734
Laurent Debricon Avatar asked Mar 27 '13 14:03

Laurent Debricon

People also ask

Should you use source maps in production?

Most JavaScript and CSS sources are usually minified and source maps serve as a memory map to the compressed files. It's generally a good practice to minify and combine your assets (Javascript & CSS) when deploying to production.

How do source map files work?

A source map is a file that maps from the transformed source to the original source, enabling the browser to reconstruct the original source and present the reconstructed original in the debugger.

What are JavaScript Sourcemaps?

A Sourcemap is a file that maps from the transformed source to the original source. It is a mapping between the generated/transpiled/minified JavaScript file and one or more original source files. The main purpose of Sourcemaps is to aid debugging.

How do I enable source maps?

To enable source maps in Google Chrome, go to Developer Tools, click the little cog icon, and then make sure that “Enable Javascript source maps” is checked. That's it.

2 Answers

I don't believe any browsers currently allow loading source maps ondemand from local files, so you have to put the sourcemaps online somehow.

One solution could be to create a .htaccess file (or something similar, if you aren't using Apache) that restricts access to the sourcemap (and the original source files) to clients that aren't from your local network.

You should realize though, that if you want to prevent access to the sourcemaps for security reasons, then all you will achieve is a false sense of safety. Javascript is public, and even if it is minified and encrypted, it is fairly easy to unencrypt it. Do not put any sensitive data in your javascript. Not even if you minify and encrypt it.

like image 101
AHM Avatar answered Sep 21 '22 00:09

AHM

Following might be useful for you

Multi-level Source Maps - The CSS Ninja

The link also explains using UglifyJS2 with which an input source map can be specified. However, I have not tested with a local input source

Also, you can try hosting the file on local and changing your hosts file to point something like local.mydomain.com to localhost. And then specify local.mydomain.com/js/my-orig-js-file.js as the Source Root

like image 20
Om Shankar Avatar answered Sep 21 '22 00:09

Om Shankar
Sign in to Comment

Related questions

Combining and Caching multiple JavaScript files in ASP.net
How to unescape html in javascript? [duplicate]
How to have multiple instances of jQuery plugin on single page?
Selecting text in mobile Safari on iPhone
Sproutcore or Cappuccino for Ruby-on-rails?
Using appendChild multiple times with the same node in JS
Function expression ending with ; vs. not
Which JS event is fired when Chrome gets the download file?
requireJs order plugin: can it exist in a different path than the require.js basePath?
Freeze Header until Irrelevant (HTML, CSS and JS)
javascript data tables with twitter bootstrap
Websockets. Loss of internet, keep-alive messages, app architecture etc
Javascript Documentation
Prevent back button after logout
Is it possible to mock the window.location object for a qUnit test?
jQuery deferred object with nested ajax calls
How to have forEach available on pseudo-arrays returned by querySelectorAll?
Hide vs Remove DOM elements [closed]
Can I use javascript to record voice on a web app?
Application Error Is a directory (file:///#android_asset/www/index.html)

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!