Can You secure a JS file ? 4

[saw15]

I have been asked by a client if you can secure a js file? Currently there are functions within this file, that could be considered sensitive.

If someone was to go to:

http://www.test.com/include/misc.js

they would be given the option to download or open the js file.

Can this file be secured?

Thanks in advance.

 

[gph1]

No

You can use the usual array of pretend barriers, no right click etc. but JS is a client side language and therefore needs to be download to work.

Using JS, the best advice I can give is to make the file hard enough to read that only people that can read JS will get to the sensitive info. Things like splitting up variables and spreading them across different JS files.

In JS1

a = 'ing'

In JS2

b = 'str'

function blah(){c=b+a}

But this will also make for complicated editing. The best option is to keep sensitve info on the server and use a server side language to process info sent from the client.

 

[xutopia]

amen. A star for you. Gary

http://www.xutopia.com

Haran

 

[jemminger]

inevitably someone is going to add to this thread "yes you can!"

let me just reiterate the definition of client-side code, which is what .js includes are: they are available on the CLIENT side!

put your sensitive information in server-side functions.

=========================================================
if (!succeed) try();
-jeff

 

[Wullie]

yes you can!!

Take your js file, put it on a floppy disk and bury it at least 6 foot from the surface, never tell anyone where you put it.

The other alternative that was posted here a while back was to enclose all the code in <Invisible> </Invisable> tags.

Sorry, too tempting Wullie

http://www.freshlookdesign.co.uk

http://www.freshlookdesign.com

http://www.mailtosanta.co.uk

The pessimist complains about the wind. The optimist expects it to change.
The leader adjusts the sails. - John Maxwell

 

[onpnt]

I love it!!!

I'm going to have to send out another nobel prize nomination _________________________________________________________
for the best results to your questions: FAQ333-2924
Is your question a most FAQ?? Find out here FAQ333-3048

http://www.onpntwebdesigns.com/aspTut4.asp

 

[onpnt]

I think we're all missing the objective here though

if we don't build it they will never come!!! _________________________________________________________
for the best results to your questions: FAQ333-2924
Is your question a most FAQ?? Find out here FAQ333-3048

http://www.onpntwebdesigns.com/aspTut4.asp

 

[onpnt]

alright now I've had fun and I think everyone else got a laugh, but seariously I think the point has been made. The point mainly has been made far to often and that is the cause of this output from all of us. Let alone sitting in the HTML (of all places) the same type of thread with the same results.

saw15
apologies for the hijacking thread moment and the main point that is being brought up here is the same thing that has been argued till blue in the face in far too many threads from the experienced to the begginers that &quot;there is no true way to hide source code&quot;. A quick Tek-Tips search will show you many instances that prove the lack there of in hiding code from others on the web in these same types of threads that have been started. every attempt to hide the code has been broken down to nothing by most.
Final note that I hope ends your pursuit of it is it can't be done. _________________________________________________________
for the best results to your questions: FAQ333-2924
Is your question a most FAQ?? Find out here FAQ333-3048

http://www.onpntwebdesigns.com/aspTut4.asp