1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Javascript And Code Theft

Discussion in 'JavaScript' started by Xangis, Jan 25, 2013.

  1. #1
    I come from a desktop development background where everyone is afraid of having their product's source code stolen.

    With JavaScript on the web, you're giving your source code to everyone who visits your website because it's the only way to run your program.

    Do you take any precautions to keep your code from being taken and used by other sites, or just not worry about it unless it becomes a big enough problem that you need to throw lawyers at it? Do you use obfuscation? Have you ever "borrowed" code from a site to use on your own?
     
    Xangis, Jan 25, 2013 IP
  2. mokah

    mokah Active Member

    Messages:
    88
    Likes Received:
    6
    Best Answers:
    1
    Trophy Points:
    65
    #2
    Well, if you're really worried about your code being stolen, try accomplishing the same thing server-side by using PHP or something.
     
    mokah, Jan 25, 2013 IP
  3. hip_hop_x

    hip_hop_x Active Member

    Messages:
    522
    Likes Received:
    5
    Best Answers:
    0
    Trophy Points:
    90
    #3
    One way of getting things way more secure from my experience: obfuscate your code, implement server side things and call them via ajax (even if it will use more resources from your server), implement detection methods (if localhost or other url than your own), implement a 2nd layer of javascript which has a token active for 1 request.

    Usually stick to obsfucation and ajax calls, that's more than enough in 90% of the cases.
     
    hip_hop_x, Jan 25, 2013 IP
    Xangis likes this.
  4. deathshadow

    deathshadow Acclaimed Member

    Messages:
    9,732
    Likes Received:
    1,998
    Best Answers:
    253
    Trophy Points:
    515
    #4
    The Internet is an OPEN environment, pretty much by definition. If you are worried about anything you put online being taken and used for some other purpose -- don't put it online! I don't care if it's code, pictures, movies -- ANYTHING you try to do to prevent what's sent to the browser is a waste of time and effort -- and is typically slapped aside as if it wasn't even there by anyone with the least bit of experience.
     
    deathshadow, Jan 26, 2013 IP
  5. Rukbat

    Rukbat Well-Known Member

    Messages:
    2,908
    Likes Received:
    37
    Best Answers:
    51
    Trophy Points:
    125
    #5
    If you keep your Javascript in an external file, script kiddies won't be able to steal it. As DS says, though, anyone with even a little experience will be able to steal and unobfuscate anything on your site except the server-side code and the database.
     
    Rukbat, Jan 26, 2013 IP
  6. Xangis

    Xangis Active Member

    Messages:
    182
    Likes Received:
    15
    Best Answers:
    0
    Trophy Points:
    78
    #6
    Thank you all for the input. That's about what I had expected. Interesting bit about the tokens, hip_hop_x.
     
    Xangis, Jan 26, 2013 IP
  7. mokah

    mokah Active Member

    Messages:
    88
    Likes Received:
    6
    Best Answers:
    1
    Trophy Points:
    65
    #7
    I can't agree with this enough. The Internet is a free and open place. You can try to obfuscate your code as much as you want. People will figure it out. Your users are downloading all of your front-end code to your computer. That's the Internet. I mean, if your code is worth hiding so much, why not use server-side code to ensure only the results are seen by users?
     
    mokah, Jan 26, 2013 IP
  8. hip_hop_x

    hip_hop_x Active Member

    Messages:
    522
    Likes Received:
    5
    Best Answers:
    0
    Trophy Points:
    90
    #8
    Indeed, but maybe you want a little more extra for the client side, why to let your competition to easy steal/rip off your website. Not to mention the ones making live examples of their templates or something like that. My suggestion is to think outside the box, if you think your code is good enough but requires javascript (like why to add 1000 new threads to your server if a thing could be done from js) then you'll have to figure out a system that really worth the effort.


    It won't be 100% secure and for sure a smart guy will get the use of it just by debugging mostly, but even some things worth the extra effort.
     
    hip_hop_x, Jan 26, 2013 IP