tags:

views:

555

answers:

7
+3  Q: 

hide javascript from showing up in browser

I have some javascripts that I am using in my files. But when we view the source code it shows our javascript as it is. Is there any way with which we can hide our javascript from showing up in the browser using php.

+5  A: 

That's how it works, it visible to everyone. You can obfuscate it, though.

slipbull  2009-07-24 10:52:07
+2  A: 

I recommend minifying it and that will remove the comments and white spacing from your code. If you don't want the names of the variables visible then you will need to obfuscate it.

AutomatedTester  2009-07-24 10:53:31
A: 

As already suggested you can obfuscate it. However if it just to stop it from appearing in the browser you can just put it into an external .js file and reference it in the HTML page e.g.

<script type="text/javascript" src="MyScript.js"></script>

However, this will not stop people from being able to access it.

James  2009-07-24 10:54:39
+4  A: 

There is a free javascript obfuscator at javascriptobfuscator.com. It will not prevent dedicated people from "stealing" your code, but normal copy&paste will not be easy.

Also see this question: http://stackoverflow.com/questions/194397/how-can-i-obfuscate-javascript . It contains some very good answers and also explain how this is security through obscurity.

Espo  2009-07-24 10:56:48
A: 

no. javascript executes on the client side.

troelskn  2009-07-24 11:00:28
+3  A: 

As Javascript is executed inside the browser, on the client's machine, it has to be sent to that client machine.

So, one way or another, the client has to be able to read it. So, no, you cannot prevent your users from seeing the JS code if they want to.

You could obfuscate it, but someone who really want to get to your source will always be able to (event if it's hard)... But the thing is : why would you prevent your users from seeing the JS source code if they want to ?

As a sidenote : with minified/obfuscated JS code, when you'll have a bug, it'll be really harder to track down... (and you really have to keep a no-obfuscated version on your development/testing machine)

Pascal MARTIN  2009-07-24 11:04:02
A: 

I'm not sure if this will work, I may try it sometime. But basically:

<script type="text/javascript" src="MyScript.php"></script>

In the PHP file add some sort of refering to check what page requested it or what the last page was. Then if it was one of your own pages, then echo the JS, if not then don't echo it. It will still be possible to read the JS, but even harder than just viewing source and de-obfuscate it. So you could also obfuscate the code inside the .php file.

TylerF  2009-07-24 11:23:33
You can easily view it so it is a small hindrance.
epascarello  2009-07-24 14:57:08

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases