tags:

views:

289

answers:

2
+2  Q: 

ASP.NET MVC Dotfuscator problems

Hello,

I am trying to use Dotfuscator (CE) to help protect our ASP.NET MVC .ddl. Its a web application that will be distributed to clients and we need a way to protect our IP.

The problem is that it appears to break the application once completed. I've only got so far with disabling renaming on my Controllers namespace but I'm get null reference exceptions now.

Has anyone got Dotfuscator working with ASP.NET MVC DLL's? Google provides no possible blog posts or information.

Thanks.

Other details:

Visual Studio 2008 Professional,

Windows Vista Business x64,

Registered my Dotfuscator but not had an email with a download link for the upgraded CE edition.

Or can anyone suggest a relatively cheap tool that would work properly?

+6  A: 

I don't think that will work because ASP.NET MVC relies so heavily on reflection.

I have successfully obfuscated an ASP.NET MVC application using SmartAssembly and the control-flow-obfuscation option it has. That does't change the name of your class members but instead changes the code in your methods into spaghetti code.

Jesper Palm  2009-10-13 10:37:50
+1  A: 

It is true that ASP. NET MVC relies heavily on reflection, and therefore you cannot obfuscate the type or properties which will be reflected. However, I would argue that there is no need to obfuscate most of this stuff anyway. Your controller names and action names are already public, since they appear in URIs. Your presentation models are essentially public as well, since they should be designed like your view, and since end-users can see your view.

Your controllers should be very lightweight, and simply bind objects from a repository to your presentation models. So there is little intellectual property to hide here.

The code you would actually want to obfuscate would presumably be your business logic, which can very easily live in a separate assembly. So my suggestion would be that rather than trying obfuscator after obfuscator, and trying to find one which seems to work (except for those bugs which you miss, but your users find later on), that you instead partition the code which is important to obfuscate and his not so dependent on reflection.

Craig Stuntz  2009-10-13 13:05:57

related questions

Displaying Flash content in a C# WinForms application
How to get the value of built, encoded ViewState?
Unhandled Exception Handler in .NET 1.1
How do I connect to a database and loop over a recordset in C#?
How do I most elegantly express left join with aggregate SQL as LINQ query
Get a new object instance from a Type in C#
.NET Testing Framework Advice
Automatically update version number
What is the difference between an int and an Integer in Java/C#?
How to write to Web.Config in Medium Trust ?
WinForms ComboBox data binding gotcha
How do you sort a C# dictionary by value?
Adding Scripting functionality to .NET applications
Floating Point Number parsing: Is there a Catch All algorithm?
How do I print an HTML document from a web service?
Decoding T-SQL CAST in C#/VB.net
Anatomy of a "Memory Leak"
How do I get a distinct, ordered list of names from a DataTable using Linq
Reliable Timer in a Console Application
How do I fill a DataSet or a DataTable from a LINQ query resultset ?
What's the difference between Math.Floor() and Math.Truncate() in .NET?
How do I calculate relative time?
How do I calculate someone's age in C#?
Are there any conversion tools for porting Visual J# code to C#?
When setting a form's opacity should I use a decimal or double?