How to hide js and css code

MIR_INAM · August 6, 2023, 8:50am

I am on blogger and I have my important JS and CSS code in the website but after using a source code viewer ,my all webpage code becomes open for anyone and I want it to be hidden. I want to store the files in another host that I will use in my blogger website by the URL of js and css code and also the file should have a security like if anyone will type it’s URL in the browser the file should show an error like not allowed to read file etc. Or simply the file should only be executed by browser and not by any source code viewer. Is there any file system like that available for free.

Frank419 · August 6, 2023, 8:59am

If you do this, then your page won’t load either.
The only work around is to encrypt the file and decrypt locally with some extra js. But it won’t work for the HTML content, and the source would become visible after all.
Why do you even wanted to hide them?

MIR_INAM · August 6, 2023, 9:00am

it contains my all website design and work and I don’t want it to be open Because my website is an students app for solving different math questions like quadratic equations etc and if its code is openly available then my business will fade

Oxy · August 6, 2023, 9:20am

Then you need to use a programming language that is not executed in the browser (not JS) but on the server like PHP

Because everything that is executed in the browser is of course visible to the browser
otherwise, it would neither know nor be able to do it

Admin · August 6, 2023, 10:27am

HTML and CSS is interpreted by the browser of the visitor. Javascript code is executed in the browser of the visitor. Browsers need access to this source code to run it.

There are tricks you can do to make the code harder to read, which is called “obfuscation”. Encryption/encoding of the source code is one way to do it. But in the end, you’ll need to have Javascript on your site to decrypt/decode/deobfuscate the code in order to run it, and any hacker could inspect that code and perform the same tricks to access your source code. There is no way to prevent that.

The solution is to move parts of the software to the server, by doing it with PHP. If you have the math questions and corresponding answers on the server, then download those in your Javascript, and send the answers back to the server to be checked, then it’s impossible to see the answer (assuming your server code is secure).

This is also the best way to prevent people from copying your software, as they would have to recreate the server parts from scratch to get all the functionality. If everything runs in the browser, they can just Ctrl-S the page and take all your code.

MIR_INAM · August 6, 2023, 10:47am

Actually my website is an app, it enables students to input math questions like if they have to get the factorization of any number or LCM etc and it gives them answer by using javascript.I want that javascript code to be hidden because my source of income is that particular js code and if anyone will steal that code my business will not work.And also I am on free blogspot website

Frank419 · August 6, 2023, 10:50am

Again, hiding that is IMPOSSIBLE. The only thing you can do is just

but you cannot hide the code.

You should try rewrite some of the code into PHP and then interact with the code with AJAX.

Admin · August 6, 2023, 11:18am

Code that runs on client devices CAN and WILL be copied, dissected, studied and modified. The legality of studying the code is debatable, and copying the code into a competing product is definitely illegal. But technically, there is nothing you can do about it. Javascript code runs in the browser of the visitor.

Therefore, the code is not safe. Access control checks and data validation can be bypassed. Credentials in the code for things like databases and external services can be extracted and used outside of your code. The solution is always the same: run it on a server with software you control.

Again:

You chose to develop your project in Javascript. This is the consequence.

I’m aware that we are effectively telling you to start over with your project, and I completely understand that you don’t want to do that. But the reality is that you painted yourself into a corner by choosing a technology that is simply incapable of providing the security you want.

So these are you options:

Keep going, and accept that your code is publicly visible.
Obfuscate the code and make it harder to inspect, but still able to copy.
Refactor/recreate your code so it runs (partially) on the server, so it relies on your proprietary server software to be of any use.

I fully understand that none of these options are attractive to you. But this is just the reality of the situation. You can’t just throw some special sauce DRM on top of your code to make it impossible to copy. Wishful thinking isn’t going to fix that.

Blogspot doesn’t provide hosting for server side software. We do provide hosting for PHP and MySQL, so you can host the project with us instead.

Oxy · August 6, 2023, 9:13pm

Why would someone steal your code when there are much smarter solutions (sites) like this one
or apps with which you just take a picture of the problem and it gives you the answer
not to mention AI

wiselycursedB · August 14, 2023, 10:08am

Get used to it. Anything on backend can be guessed and remade by a clever backend developer. Anything on frontend is relies on a simple CTRL S.

Ziverre · August 14, 2023, 10:21am

Then it is your code, not that person’s.
There is also Copyright law which will get your ass if you try copying source code of a copyrighted program.

wiselycursedB · August 14, 2023, 10:26am

Well true, but think that too writing a website from zero takes weeks or months. Guessing an existing code and writing it takes days or less.

Ziverre · August 14, 2023, 10:29am

I have to disagree but whatever.

lovebug · August 14, 2023, 11:21am

I just thought of a crazy (and horrible) idea that will solve the issue

generate the pages on the backend with php and once its complete rasterize it to an image

then serve a page containing this image and a little javascript to send mouse clicks back to the backend for processing clickable objects, links etc

probably the worst solution ever but it’ll work and the user browsing the site wont get your design files

Ziverre · August 14, 2023, 11:23am

How to speedrun getting suspended

lovebug · August 14, 2023, 11:25am

well I did say it was a horrible idea

wiselycursedB · August 14, 2023, 11:38am

Hmm. Possible. Creating a local browser session and screen sharing it to client is an easier solution btw It just, requires a datacenter to run.

Metahuman works like this i suppose.

Frank419 · August 14, 2023, 11:11pm

This is not gonna stand within web page accessibility. They cannot zoom cause it will be so blurry, and if you make the output image so clear to be zoomed, that’s gonna take a lot ot time to transfer.

But yeah,

lovebug · August 15, 2023, 5:10am

i was kind of joking when i posted this

yes it would work and yes it solves the problem but no its not a good idea and no i would not recommend anyone to seriously do this

its a crazy and horrible solution for sure

system · August 30, 2023, 5:11am

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.