Should you hide your frontend JavaScript code? CAN you hide your browser JavaScript code?
Join the full JavaScript course: https://acad.link/js
Exclusive discount also available for our Node.js course: https://acad.link/nodejs
Check out all our other courses: https://academind.com/learn/our-courses
———-
• Go to https://www.academind.com and subscribe to our newsletter to stay updated and to get exclusive content & discounts
• Follow @maxedapps and @academind_real on Twitter
• Join our Facebook community on https://www.facebook.com/academindchannel/
See you in the videos!
———-
Academind is your source for online education in the areas of web development, frontend web development, backend web development, programming, coding and data science! No matter if you are looking for a tutorial, a course, a crash course, an introduction, an online tutorial or any related video, we try our best to offer you the content you are looking for. Our topics include Angular, React, Vue, Html, CSS, JavaScript, TypeScript, Redux, Nuxt.js, RxJs, Bootstrap, Laravel, Node.js, Progressive Web Apps (PWA), Ionic, React Native, Regular Expressions (RegEx), Stencil, Power BI, Amazon Web Services (AWS), Firebase or other topics, make sure to have a look at this channel or at academind.com to find the learning resource of your choice!
Original source
38 responses to “JavaScript Security: Hide your Code?”
Want to learn making html page dynamic using Javascript, Visit https://www.youtube.com/watch?v=RaF3ZlMuU0g
Great stuff…
sir I want to hide html comment "<!– –>/" from source in my website. please help me.
Obfuscation is immoral and unethical
its not just api key or whatever . what about changing the code? if you make a front page game and you dont wanna put the code in the server what if the client change the rules of the game? for example change the time clock. if you have thousands of users playing simultaneously you dont wanna calculate the time and every movements and the rules in your server
exactly what i need to know .. thank you!!
Good tutorial! Always good to first leverage proper security protocols in building secure JS apps. But if you need to leverage more business logic client side and want to protect that code, IP and data check out http://www.jscrambler.com
Never trust client. Verify in backend
What ???? No one heard about jquery VM, CDN, Obfuscatation, same as PHP CodeIgniter … This is an old problem that long ago has been solved
So as HTML5 Game Developers where content is 100% in the client, we're essentially screwed?🤔
what about in react native? can I hide code there?
if you want to store this client-side why would you not just set the keys as an environment variable so they accessible to the dev but they are not rendered to the DOM for client-side viewing? Can someone help me understand where my logic is wrong here so that I can improve this in the future? -Thank you
this video has everything to do with the title. i got an answer to something that was bothering a lot on watching this the 3rd time. i dont know why i didn't get it before. i think people who are into spa will find that the title of the video goes well with the content (since i noticed some comments about title and content )
Thats some very valuable information. Thanks. Appreciate the detailed explanation. Keep it up
I feel like if I were to ask this guy what time it is, he'd tell how the watch was made. Please get to the point…
luv u
Why even have an api token? Just autoroize the domain
So essentially run a server-side app and use environmental variables. Then create an api for your js frontend to interface with. You can configure your own permissions on the user by coding them yourself since its your api. Mern stack + typescript it is.
Slow
"Harder"? what? You need to press {} pretty code button on chrome only.
whats the name of your code editor bro???
Here's my tip:
a) search for a web site that ulgify js code.
b) back up all your js files
c) ulgify all your js files
d) deploy the uglified version of your files, .gitignore your jsFilesBackup
Be happy.
You almost answered my exact question! I have a Vue front end, with a Django backend (all running off the same host & port (proxied), using sessions). As it stands, a user can get full access to the front-end of the system by faking a login on the client-side, i.e. flipping a 'loggedIn' boolean. They will not get any data, but they will see the full UI, and I don't think I want this. How can that be prevented?
Video title is not appropriate.
Really Helpful Max.
Make all wortg while code on server-side.
Answer is no
Using sever side frameworks like Web Firm Framework is more secure.
Buddy change your Video Tittle
please direct to the point
How about config variables?
Didnt find the way to hide js logic.
Where did you exactly hide your code???
The truth is that javascript is an absolute fucking abomination. Tottaly unsecure
This video is somewhat misleading
The title is misleading
If JavaScript was hidden or even encrypted at client browsers, there would be hardly any websites today. If you wanna hide stuff, hide it in your backend service layer where you can put your business logic. If you're a frontend developer and frustrated, then you can't do anything about it. Just let it go or work with your backend teammate on a solution. If you're a fullstack developer or freelancer or hobbyist, it's all in your hands. You're the commander of what to show and what not to show.
Can’t hide it but you can make it almost unreadable