tags:

views:

279

answers:

4
Q: 

Javascript protection

Hello,

I know this is kind of stupid, but I need to protect a javascript, in a sense that I wish to add as much security as possible so that it is not pirated. Well, because it the core component of the system. I plan to use YUI compressor to compress and obfuscate it.

But I would also like to add a protection which checks the domain, if the domain matches then its fine else it will simply exit.

What other protection methods would you suggest? How do I make it such that people purchase the script (very cheap) instead of copying it directly etc.

Thank you for your time.

Update

Just thought I'd add that the package also contains a PHP file without which it can't work really. Unless someone sees what kind of JSON data the script is exchanging and then recreates the PHP file.

+12  A: 

Such measures are ultimately doomed for failure. While you may stop some people who would otherwise steal it, the people who care enough to take it are the ones who aren't going to be stymied by anything you come up with. If it's really that important, move it to the server side.

Pesto  2009-06-08 12:27:53
+1  A: 

The problem you have is that to run the javascript in the browser, the client needs to download it as a text file. No matter what you do, the client has the source to the javascript. The only thing you can hope to do is what you've already mentioned (obfuscate and compress), but it will not prevent a determined/experienced person from using it.

With the source code, the domain check could easily be removed. Additionally, if someone wishes to use the javascript "as is", they only need to look at how you are using it and not what it is doing, making calls in the same way as you (your demo?) are.

adrianbanks  2009-06-08 12:29:06
A: 

A javascript library needs to be DAMN good if anyone should purchase it, given that JQuery is free.

erikkallen  2009-06-08 12:32:41
well i hope mine is :)
Alec Smart  2009-06-08 12:45:39
its over 1000 lines of code. its not fair that a php code can sell, where javascript cant.
Alec Smart  2009-06-08 12:46:58
1000 lines of code is nothing. Did you miss a zero?
erikkallen  2009-06-08 13:46:59
+2  A: 

Truthfully, I think what you are doing is probably going to be enough for your needs. Like the others said, really you can't stop someone from stealing the code, but you can make it not worth their while. If the code you wish to sell is cheap then obfuscation is going to be the way to go. Why? It's because the amount of money someone will pay for something is directly related the amount of time it will take for someone to build it themselves. I would much rather pay 10 dollars for a piece of code I think will fit my needs than spending 30 or so hours to try and steal something someone else wrote. Not to mention the fact that stealing is unethical, and would I think that most programmers would rather pay someone for the code they wrote than take it.

Kevin  2009-06-08 12:34:26

related questions

What JavaScript patterns do you use most?
Javascript events
What style do you use for creating an "class" in JavaScript?
Graphing JavaScript Library
What's the difference in closure style
Getting the text from a drop-down box
How to specify javascript to run when ModalPopupExtender is shown
Length of Javascript Associative Array
How Do I Post and then redirect to an external URL from ASP.Net?
How to set up a CSS switcher in ASP.NET
Wrapping lists into columns
Javascript keyboard events primer? (or rather: help me with my custom dropdown)
Http Auth in a Firefox 3 bookmarklet
Best Debugging Tools for JavaScript/xulrunner Development
How can I turn a string of HTML into a DOM object in a Firefox extension?
Call ASP.NET Function From Javascript?
Javascript troubleshooting tools in IE
MAC addresses in JavaScript
Capturing TAB key in text box
CSS Background Color in Javascript
How can I make the browser see CSS and Javascript changes?
Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?
ASP .Net Custom Client-Side Validation
What JavaScript library would you choose for a new project and why?
Detecting font in JavaScript