JavaScript Security: Hide your Code?




Should you hide your frontend JavaScript code? CAN you hide your browser JavaScript code?
Join the full JavaScript course: https://acad.link/js
Exclusive discount also available for our Node.js course: https://acad.link/nodejs

Check out all our other courses: https://academind.com/learn/our-courses

———-

• Go to https://www.academind.com and subscribe to our newsletter to stay updated and to get exclusive content & discounts
• Follow @maxedapps and @academind_real on Twitter
• Join our Facebook community on https://www.facebook.com/academindchannel/

See you in the videos!

———-

Academind is your source for online education in the areas of web development, frontend web development, backend web development, programming, coding and data science! No matter if you are looking for a tutorial, a course, a crash course, an introduction, an online tutorial or any related video, we try our best to offer you the content you are looking for. Our topics include Angular, React, Vue, Html, CSS, JavaScript, TypeScript, Redux, Nuxt.js, RxJs, Bootstrap, Laravel, Node.js, Progressive Web Apps (PWA), Ionic, React Native, Regular Expressions (RegEx), Stencil, Power BI, Amazon Web Services (AWS), Firebase or other topics, make sure to have a look at this channel or at academind.com to find the learning resource of your choice!

Original source


38 responses to “JavaScript Security: Hide your Code?”

  1. its not just api key or whatever . what about changing the code? if you make a front page game and you dont wanna put the code in the server what if the client change the rules of the game? for example change the time clock. if you have thousands of users playing simultaneously you dont wanna calculate the time and every movements and the rules in your server

  2. if you want to store this client-side why would you not just set the keys as an environment variable so they accessible to the dev but they are not rendered to the DOM for client-side viewing? Can someone help me understand where my logic is wrong here so that I can improve this in the future? -Thank you

  3. this video has everything to do with the title. i got an answer to something that was bothering a lot on watching this the 3rd time. i dont know why i didn't get it before. i think people who are into spa will find that the title of the video goes well with the content (since i noticed some comments about title and content )

  4. So essentially run a server-side app and use environmental variables. Then create an api for your js frontend to interface with. You can configure your own permissions on the user by coding them yourself since its your api. Mern stack + typescript it is.

  5. Here's my tip:
    a) search for a web site that ulgify js code.
    b) back up all your js files

    c) ulgify all your js files
    d) deploy the uglified version of your files, .gitignore your jsFilesBackup
    Be happy.

  6. You almost answered my exact question! I have a Vue front end, with a Django backend (all running off the same host & port (proxied), using sessions). As it stands, a user can get full access to the front-end of the system by faking a login on the client-side, i.e. flipping a 'loggedIn' boolean. They will not get any data, but they will see the full UI, and I don't think I want this. How can that be prevented?

  7. If JavaScript was hidden or even encrypted at client browsers, there would be hardly any websites today. If you wanna hide stuff, hide it in your backend service layer where you can put your business logic. If you're a frontend developer and frustrated, then you can't do anything about it. Just let it go or work with your backend teammate on a solution. If you're a fullstack developer or freelancer or hobbyist, it's all in your hands. You're the commander of what to show and what not to show.

Leave a Reply