blocks|key|389026|text|特别是在现代浏览器中，这完全是浪费时间。|type|unstyled|depth|inlineStyleRanges|entityRanges|data|389027|我可以使用Firebug来查看somesecret.js...至于另一个，我更好，如果你向下滚动，你就会看到源代码。|389028|您可以缩小或混淆您的代码，这将使更改代码变得困难(但不能获得完全相同的副本)。建议使用最小化，因为它会使您的页面加载速度稍快一些。|389029|entityMap^0|0|0|0^^$0|@$1|2|3|4|5|6|7|H|8|@]|9|@]|A|$]]|$1|B|3|C|5|6|7|I|8|@]|9|@]|A|$]]|$1|D|3|E|5|6|7|J|8|@]|9|@]|A|$]]|$1|F|3|-4|5|6|7|K|8|@]|9|@]|A|$]]]|G|$]]

Especially in modern browsers, it's a complete waste of time.

I can use Firebug to see somesecret.js... as for the other I'm better if you'd scrolled down you'd see the source.

You can minify or obfuscate your code, which will make it difficult to alter (but not to take an exact copy). Minification is recommended as it will result in your page loading slightly faster.

blocks|key|1760262|text|好吧，如果你拥有服务器，你可以拒绝来自除了你自己的主机名以外的引用者的访问。在Apache上，您可以通过.htaccess完成此操作。|type|unstyled|depth|inlineStyleRanges|entityRanges|data|1760263|您也可以使用Dean+Edwards'+packer来打包您的生产Javascript代码。|offset|length|1760264|但请注意，使用Firebug或其他调试工具，大多数人仍然能够通过DOM选项卡/检查器查看您的代码。|1760265|entityMap|0|LINK|mutability|MUTABLE|url|http://dean.edwards.name/packer/^0|0|6|K|0|0|0^^$0|@$1|2|3|4|5|6|7|P|8|@]|9|@]|A|$]]|$1|B|3|C|5|6|7|Q|8|@]|9|@$D|R|E|S|1|T]]|A|$]]|$1|F|3|G|5|6|7|U|8|@]|9|@]|A|$]]|$1|H|3|-4|5|6|7|V|8|@]|9|@]|A|$]]]|I|$J|$5|K|L|M|A|$N|O]]]]

Well, if you own the server, you can deny access from referers other than your own hostname. On Apache, you can do that through .htaccess.

You can also use <a href="http://dean.edwards.name/packer/" rel="nofollow noreferrer">Dean Edwards' packer</a> to pack your production Javascript codes.

But take note that with Firebug or other debugging tools, most people are still able to see your code through the DOM tab/inspector.

blocks|key|1796614|text|你可以混淆你的Javascript。在野外有很多工具可以做到这一点，例如http://www.javascriptobfuscator.com/。然而，它不会阻止任何人看到代码，但会增加代码的可读性。|type|unstyled|depth|inlineStyleRanges|entityRanges|offset|length|data|1796615|entityMap|0|LINK|mutability|MUTABLE|url|http://www.javascriptobfuscator.com/^0|10|10|0|0^^$0|@$1|2|3|4|5|6|7|L|8|@]|9|@$A|M|B|N|1|O]]|C|$]]|$1|D|3|-4|5|6|7|P|8|@]|9|@]|C|$]]]|E|$F|$5|G|H|I|C|$J|K]]]]

You could obfuscate your Javascript. There are a lot of tools to do that in the wild, e.g. <a href="http://www.javascriptobfuscator.com/" rel="noreferrer">http://www.javascriptobfuscator.com/</a>. However it does not prevent anyone to see the code, but makes it harder to read.

blocks|key|1760285|text|这根本是不可能的。|type|unstyled|depth|inlineStyleRanges|entityRanges|data|1760286|要使访问者的浏览器能够执行脚本，他们必须能够下载该脚本。不管你试图使用JS，服务器权限等什么花招，在一天结束的时候，他们总是可以wget+http://example.com/yourcoolscript.js。即使它们不能(例如，您需要为该请求提供“秘密”头部)，这也很可能会抑制大多数浏览器的行为，同时也不会阻止决心坚定的人查看。|offset|length|style|CODE|1760287|从根本上说，因为JS是在客户端执行的，所以客户端必须能够访问“原始”JS文件。|1760288|你可以做的一件小事就是混淆，这会有一点帮助。但由于JS是解释型的，所以它也是自己的去混淆器--参见one+of+my+earlier+answers的例子。|1760289|基本上-“如果你构建它，他们会看起来”。:-)|1760290|entityMap|0|LINK|mutability|MUTABLE|url|https://stackoverflow.com/questions/425113/how-would-you-reverse-engineer-this/425160#425160^0|0|1S|15|0|0|1D|P|0|0|0^^$0|@$1|2|3|4|5|6|7|V|8|@]|9|@]|A|$]]|$1|B|3|C|5|6|7|W|8|@$D|X|E|Y|F|G]]|9|@]|A|$]]|$1|H|3|I|5|6|7|Z|8|@]|9|@]|A|$]]|$1|J|3|K|5|6|7|10|8|@]|9|@$D|11|E|12|1|13]]|A|$]]|$1|L|3|M|5|6|7|14|8|@]|9|@]|A|$]]|$1|N|3|-4|5|6|7|15|8|@]|9|@]|A|$]]]|O|$P|$5|Q|R|S|A|$T|U]]]]

It's simply not possible.

For a visitor's browser to be able to execute the script, they have to be able to download it. Not matter what trickery you try to pull with JS, server permissions etc., at the end of the day they can always just <code>wget http://example.com/yourcoolscript.js</code>. And even if they can't (e.g. you require "secret" headers for that request) that would likely inhibit the behaviour of most browsers, while not stopping a determined person from looking anyway.

Fundamentally, because JS is executed client-side, the client must have access to the "original" JS file.

One minor thing you can do is obfuscation, which can help a little bit. But since JS is interpreted, it's also its own deobfuscator - see <a href="https://stackoverflow.com/questions/425113/how-would-you-reverse-engineer-this/425160#425160">one of my earlier answers</a> for an example.

Basically - "if you build it, they will look". :-)

blocks|key|460980|text|不要浪费你的时间。如果浏览器可以下载它来运行它(它可以，否则代码是无用的)，那么可以编写一个程序来下载并保存它。|type|unstyled|depth|inlineStyleRanges|entityRanges|data|460981|我们一次又一次地看到，保护这种东西的技术方法是行不通的。|460982|您真的认为您的JS代码如此宝贵，需要这样的保护吗？一旦你让它工作，一定要通过一个minifier来运行它，即使只是为了加快下载过程。但对于保护它，我会专注于你最擅长的(我假设是编码它)。|460983|如果您确实需要保护代码不被查看，请不要在客户端JS中执行此操作。将其放在服务器上，并使用JS与之通信。|460984|entityMap^0|0|0|0|0^^$0|@$1|2|3|4|5|6|7|J|8|@]|9|@]|A|$]]|$1|B|3|C|5|6|7|K|8|@]|9|@]|A|$]]|$1|D|3|E|5|6|7|L|8|@]|9|@]|A|$]]|$1|F|3|G|5|6|7|M|8|@]|9|@]|A|$]]|$1|H|3|-4|5|6|7|N|8|@]|9|@]|A|$]]]|I|$]]

Don't waste your time. If a browser can download it to run it (and it can, otherwise the code is useless), a program can be written to download it and save it.

Time and time again, we've seen that technological methods to protect things like this don't work.

Do you really think that your JS code is so precious that it needs that sort of protection? Once you get it working, by all means run it through a minifier if only to speed up the download process. But as to protecting it, I would concentrate on what you do best (which I'm assuming is coding it).

If you really need to protect the code from being viewed, don't do it in client side JS. Put it on the server and just use JS to communicate with that.

blocks|key|389192|text|有两种类型的用户:一种是不关心的大群体。不需要对它们进行保护。|type|unstyled|depth|inlineStyleRanges|entityRanges|data|389193|然后，有一群人真的想看看你是如何做到的。没有办法保护自己不受攻击。他们拥有所有的工具和知识来规避你能想到的任何保护措施。你可以使用混淆，但这会花费你的金钱和时间，所以最终，你只能输。|389194|创造一个伟大的产品，再加上提供良好的支持，人们就会愿意为此买单。城堡建筑在过去并不好用(很多努力，只需要几块石头就能把它们拆掉)，现在肯定不能用了。|389195|如果你害怕你的想法会被窃取，那就找一份新的工作，因为他们会被窃取，而你无能为力。|389196|entityMap^0|0|0|0|0^^$0|@$1|2|3|4|5|6|7|J|8|@]|9|@]|A|$]]|$1|B|3|C|5|6|7|K|8|@]|9|@]|A|$]]|$1|D|3|E|5|6|7|L|8|@]|9|@]|A|$]]|$1|F|3|G|5|6|7|M|8|@]|9|@]|A|$]]|$1|H|3|-4|5|6|7|N|8|@]|9|@]|A|$]]]|I|$]]

There are two kinds of user: There is the large group who couldn't care less. No need to protect against them.

Then, there is the group who really wants to see how you did it. There is no way to protect against them. They have all the tools and the knowledge to circumvent any protection you could come up with. You could use obfuscation but that's going to cost you money and time, so in the end, you can only lose.

Create a great product plus offer good support and people will be willing to pay for it. Castle building didn't work well in the past (lot of effort and it took just a couple of stones to tear them down) and it surely doesn't work today.

If you're afraid that your ideas are going to be stolen, then look for a new job, because they will be and there's nothing you can do.

blocks|key|1796793|text|如果你有大秘密，就把它们保存在服务器上。|type|unstyled|depth|inlineStyleRanges|entityRanges|data|1796794|然后将所有JS文件捆绑到一个文件中，并对其进行模糊处理。|1796795|这应该会阻止许多人走得更远，同时也会减少大小和http调用。|1796796|但这并不能阻止真正的坏人。|1796797|我们正在构建一个JS+heavy应用程序，并在很久以前就解决了这种偏执。|1796798|事实上，我们做了相反的事情。|1796799|既然没有什么是可以保护的，为什么不开源有用的部分，并从其他人那里获得反馈呢？|1796800|试试看，你不会失望的。|1796801|entityMap^0|0|0|0|0|0|0|0|0^^$0|@$1|2|3|4|5|6|7|R|8|@]|9|@]|A|$]]|$1|B|3|C|5|6|7|S|8|@]|9|@]|A|$]]|$1|D|3|E|5|6|7|T|8|@]|9|@]|A|$]]|$1|F|3|G|5|6|7|U|8|@]|9|@]|A|$]]|$1|H|3|I|5|6|7|V|8|@]|9|@]|A|$]]|$1|J|3|K|5|6|7|W|8|@]|9|@]|A|$]]|$1|L|3|M|5|6|7|X|8|@]|9|@]|A|$]]|$1|N|3|O|5|6|7|Y|8|@]|9|@]|A|$]]|$1|P|3|-4|5|6|7|Z|8|@]|9|@]|A|$]]]|Q|$]]

If you have big secrets, keep them on the server. 

Then bundle all your JS files in one file, that you obfuscate. 
This should prevent many people to go further, and as well reduce size and http calls. 
But this won't stop the real bad guy if any.

We're building a JS heavy app and cured this paranoia long time ago. 
If fact, we did the opposite.

As nothing can be protected, why not open source useful parts and get feedback from other people? 
Try it, you won't be disappointed.

blocks|key|1760393|text|一种想法是使用websockets通过socket.listener将javascript文件提供给浏览器，并与eval一起运行。这样，任何人都很难看到真正的“源”，因为套接字的连接已经关闭。|type|unstyled|depth|inlineStyleRanges|offset|length|style|CODE|entityRanges|data|1760394|在http://samy.pl的主页上可以看到另一个惊人的策略，，它使用空格(\u0020)和制表符(\u0009)作为字节密码来隐藏JS代码！|BOLD|1760395|如果你查看源代码，你只能看到一行实际的JS代码：http://pastebin.com/e0pqJ8sB你自己看看它是如何工作的(没有剧透！)|1760396|至于模糊处理器，请参阅http://utf-8.jp/public/jjencode.html+(和/或其他版本)|1760397|这个免费的混淆器运行客户端，并产生unminify.com和jsbeautifier甚至无法解码的胡言乱语：|1760398|​|1760399|$=~[];$={___:%2B%2B$,$$$$:(![]%2B"")[$],__$:%2B%2B$,$_$_:(![]%2B"")[$],_$_:%2B%2B$,$_$$:({}%2B"")[$],$$_$:($[$]%2B"")[$],_$$:%2B%2B$,$$$_:(!""%2B"")[$],$__:%2B%2B$,$_$:%2B%2B$,$$__:({}%2B"")[$],$$_:%2B%2B$,$$$:%2B%2B$,$___:%2B%2B$,$__$:%2B%2B$};$.$_=($.$_=$%2B"")[$.$_$]%2B($._$=$.$_[$.__$])%2B($.$$=($.$%2B"")[$.__$])%2B((!$)%2B"")[$._$$]%2B($.__=$.$_[$.$$_])%2B($.$=(!""%2B"")[$.__$])%2B($._=(!""%2B"")[$._$_])%2B$.$_[$.$_$]%2B$.__%2B$._$%2B$.$;$.$$=$.$%2B(!""%2B"")[$._$$]%2B$.__%2B$._%2B$.$%2B$.$$;$.$=($.___)[$.$_][$.$_];$.$($.$($.$$%2B"\""%2B$.$_$_%2B(![]%2B"")[$._$_]%2B$.$$$_%2B"\\"%2B$.__$%2B$.$$_%2B$._$_%2B$.__%2B"(\\\"\\"%2B$.__$%2B$.__$%2B$.___%2B$.$$$_%2B(![]%2B"")[$._$_]%2B(![]%2B"")[$._$_]%2B$._$%2B",\\"%2B$.$__%2B$.___%2B"\\"%2B$.__$%2B$.__$%2B$._$_%2B$.$_$_%2B"\\"%2B$.__$%2B$.$$_%2B$.$$_%2B$.$_$_%2B"\\"%2B$.__$%2B$._$_%2B$._$$%2B$.$$__%2B"\\"%2B$.__$%2B$.$$_%2B$._$_%2B"\\"%2B$.__$%2B$.$_$%2B$.__$%2B"\\"%2B$.__$%2B$.$$_%2B$.___%2B$.__%2B"\\\"\\"%2B$.$__%2B$.___%2B")"%2B"\"")())();|code-block|syntax|javascript|1760400|1760401|原始代码：|1760402|alert("Hello,+JavaScript")|1760403|两个美容师网站的输出：|1760404|$+=+~[];
$+=+{
++++___:+%2B%2B$,
++++$$$$:+(![]+%2B+"")[$],
++++__$:+%2B%2B$,
++++$_$_:+(![]+%2B+"")[$],
++++_$_:+%2B%2B$,
++++$_$$:+({}+%2B+"")[$],
++++$$_$:+($[$]+%2B+"")[$],
++++_$$:+%2B%2B$,
++++$$$_:+(!""+%2B+"")[$],
++++$__:+%2B%2B$,
++++$_$:+%2B%2B$,
++++$$__:+({}+%2B+"")[$],
++++$$_:+%2B%2B$,
++++$$$:+%2B%2B$,
++++$___:+%2B%2B$,
++++$__$:+%2B%2B$
};
$.$_+=+($.$_+=+$+%2B+"")[$.$_$]+%2B+($._$+=+$.$_[$.__$])+%2B+($.$$+=+($.$+%2B+"")[$.__$])+%2B+((!$)+%2B+"")[$._$$]+%2B+($.__+=+$.$_[$.$$_])+%2B+($.$+=+(!""+%2B+"")[$.__$])+%2B+($._+=+(!""+%2B+"")[$._$_])+%2B+$.$_[$.$_$]+%2B+$.__+%2B+$._$+%2B+$.$;
$.$$+=+$.$+%2B+(!""+%2B+"")[$._$$]+%2B+$.__+%2B+$._+%2B+$.$+%2B+$.$$;
$.$+=+($.___)[$.$_][$.$_];
$.$($.$($.$$+%2B+"\""+%2B+$.$_$_+%2B+(![]+%2B+"")[$._$_]+%2B+$.$$$_+%2B+"\\"+%2B+$.__$+%2B+$.$$_+%2B+$._$_+%2B+$.__+%2B+"(\\\"\\"+%2B+$.__$+%2B+$.__$+%2B+$.___+%2B+$.$$$_+%2B+(![]+%2B+"")[$._$_]+%2B+(![]+%2B+"")[$._$_]+%2B+$._$+%2B+",\\"+%2B+$.$__+%2B+$.___+%2B+"\\"+%2B+$.__$+%2B+$.__$+%2B+$._$_+%2B+$.$_$_+%2B+"\\"+%2B+$.__$+%2B+$.$$_+%2B+$.$$_+%2B+$.$_$_+%2B+"\\"+%2B+$.__$+%2B+$._$_+%2B+$._$$+%2B+$.$$__+%2B+"\\"+%2B+$.__$+%2B+$.$$_+%2B+$._$_+%2B+"\\"+%2B+$.__$+%2B+$.$_$+%2B+$.__$+%2B+"\\"+%2B+$.__$+%2B+$.$$_+%2B+$.___+%2B+$.__+%2B+"\\\"\\"+%2B+$.$__+%2B+$.___+%2B+")"+%2B+"\"")())();|1760405|希望这篇文章能给那些有需要的人一些启发！|1760406|entityMap|0|LINK|mutability|MUTABLE|url|http://samy.pl/|1|http://pastebin.com/e0pqJ8sB|2|http://utf-8.jp/public/jjencode.html^0|J|F|1K|4|0|W|14|1|E|0|0|O|S|1|0|B|10|2|0|8|5|H|C|U|C|0|0|0|0|0|0|0|0|0^^$0|@$1|2|3|4|5|6|7|1I|8|@$9|1J|A|1K|B|C]|$9|1L|A|1M|B|C]]|D|@]|E|$]]|$1|F|3|G|5|6|7|1N|8|@$9|1O|A|1P|B|H]]|D|@$9|1Q|A|1R|1|1S]]|E|$]]|$1|I|3|J|5|6|7|1T|8|@]|D|@$9|1U|A|1V|1|1W]]|E|$]]|$1|K|3|L|5|6|7|1X|8|@]|D|@$9|1Y|A|1Z|1|20]]|E|$]]|$1|M|3|N|5|6|7|21|8|@$9|22|A|23|B|H]|$9|24|A|25|B|C]|$9|26|A|27|B|C]]|D|@]|E|$]]|$1|O|3|P|5|6|7|28|8|@]|D|@]|E|$]]|$1|Q|3|R|5|S|7|29|8|@]|D|@]|E|$T|U]]|$1|V|3|P|5|6|7|2A|8|@]|D|@]|E|$]]|$1|W|3|X|5|6|7|2B|8|@]|D|@]|E|$]]|$1|Y|3|Z|5|S|7|2C|8|@]|D|@]|E|$T|U]]|$1|10|3|11|5|6|7|2D|8|@]|D|@]|E|$]]|$1|12|3|13|5|S|7|2E|8|@]|D|@]|E|$T|U]]|$1|14|3|15|5|6|7|2F|8|@]|D|@]|E|$]]|$1|16|3|-4|5|6|7|2G|8|@]|D|@]|E|$]]]|17|$18|$5|19|1A|1B|E|$1C|1D]]|1E|$5|19|1A|1B|E|$1C|1F]]|1G|$5|19|1A|1B|E|$1C|1H]]]]

One idea is to use websockets to serve javascript files to the browser through a <code>socket.listener</code> and running with <code>eval</code>. That way, it's very very very difficult for anyone to see the actual &quot;source&quot;, since the connection of the socket has been already closed.
There is another amazing tactic which can be seen on the homepage of <a href="http://samy.pl" rel="nofollow noreferrer">http://samy.pl</a>, which uses spaces (\u0020) and tabs (\u0009) as a byte cipher to hide JS code!
If you view the source, you can only see 1 line of actual JS code:
<a href="http://pastebin.com/e0pqJ8sB" rel="nofollow noreferrer">http://pastebin.com/e0pqJ8sB</a>
See for yourself if you can figure out how it works (no spoilers!)
As far as obfuscators go, see <a href="http://utf-8.jp/public/jjencode.html" rel="nofollow noreferrer">http://utf-8.jp/public/jjencode.html</a> (and/or another version)
This free obfuscator runs client-side, and produces gibberish that <code>unminify.com</code> and <code>jsbeautifier</code> can't even decode:
<div class="snippet" data-lang="js" data-hide="false" data-console="true" data-babel="false">
<div class="snippet-code">
<pre class="snippet-code-js lang-js prettyprint-override"><code>$=~[];$={___:++$,$$$$:(![]+"")[$],__$:++$,$_$_:(![]+"")[$],_$_:++$,$_$$:({}+"")[$],$$_$:($[$]+"")[$],_$$:++$,$$$_:(!""+"")[$],$__:++$,$_$:++$,$$__:({}+"")[$],$$_:++$,$$$:++$,$___:++$,$__$:++$};$.$_=($.$_=$+"")[$.$_$]+($._$=$.$_[$.__$])+($.$$=($.$+"")[$.__$])+((!$)+"")[$._$$]+($.__=$.$_[$.$$_])+($.$=(!""+"")[$.__$])+($._=(!""+"")[$._$_])+$.$_[$.$_$]+$.__+$._$+$.$;$.$$=$.$+(!""+"")[$._$$]+$.__+$._+$.$+$.$$;$.$=($.___)[$.$_][$.$_];$.$($.$($.$$+"\""+$.$_$_+(![]+"")[$._$_]+$.$$$_+"\\"+$.__$+$.$$_+$._$_+$.__+"(\\\"\\"+$.__$+$.__$+$.___+$.$$$_+(![]+"")[$._$_]+(![]+"")[$._$_]+$._$+",\\"+$.$__+$.___+"\\"+$.__$+$.__$+$._$_+$.$_$_+"\\"+$.__$+$.$$_+$.$$_+$.$_$_+"\\"+$.__$+$._$_+$._$$+$.$$__+"\\"+$.__$+$.$$_+$._$_+"\\"+$.__$+$.$_$+$.__$+"\\"+$.__$+$.$$_+$.___+$.__+"\\\"\\"+$.$__+$.___+")"+"\"")())();</code></pre>
</div>
</div>

Original code:
<pre><code>alert(&quot;Hello, JavaScript&quot;)
</code></pre>
Output from both beautifier websites:
<pre><code>$ = ~[];
$ = {
 ___: ++$,
 $$$$: (![] + &quot;&quot;)[$],
 __$: ++$,
 $_$_: (![] + &quot;&quot;)[$],
 _$_: ++$,
 $_$$: ({} + &quot;&quot;)[$],
 $$_$: ($[$] + &quot;&quot;)[$],
 _$$: ++$,
 $$$_: (!&quot;&quot; + &quot;&quot;)[$],
 $__: ++$,
 $_$: ++$,
 $$__: ({} + &quot;&quot;)[$],
 $$_: ++$,
 $$$: ++$,
 $___: ++$,
 $__$: ++$
};
$.$_ = ($.$_ = $ + &quot;&quot;)[$.$_$] + ($._$ = $.$_[$.__$]) + ($.$$ = ($.$ + &quot;&quot;)[$.__$]) + ((!$) + &quot;&quot;)[$._$$] + ($.__ = $.$_[$.$$_]) + ($.$ = (!&quot;&quot; + &quot;&quot;)[$.__$]) + ($._ = (!&quot;&quot; + &quot;&quot;)[$._$_]) + $.$_[$.$_$] + $.__ + $._$ + $.$;
$.$$ = $.$ + (!&quot;&quot; + &quot;&quot;)[$._$$] + $.__ + $._ + $.$ + $.$$;
$.$ = ($.___)[$.$_][$.$_];
$.$($.$($.$$ + &quot;\&quot;&quot; + $.$_$_ + (![] + &quot;&quot;)[$._$_] + $.$$$_ + &quot;\\&quot; + $.__$ + $.$$_ + $._$_ + $.__ + &quot;(\\\&quot;\\&quot; + $.__$ + $.__$ + $.___ + $.$$$_ + (![] + &quot;&quot;)[$._$_] + (![] + &quot;&quot;)[$._$_] + $._$ + &quot;,\\&quot; + $.$__ + $.___ + &quot;\\&quot; + $.__$ + $.__$ + $._$_ + $.$_$_ + &quot;\\&quot; + $.__$ + $.$$_ + $.$$_ + $.$_$_ + &quot;\\&quot; + $.__$ + $._$_ + $._$$ + $.$$__ + &quot;\\&quot; + $.__$ + $.$$_ + $._$_ + &quot;\\&quot; + $.__$ + $.$_$ + $.__$ + &quot;\\&quot; + $.__$ + $.$$_ + $.___ + $.__ + &quot;\\\&quot;\\&quot; + $.$__ + $.___ + &quot;)&quot; + &quot;\&quot;&quot;)())();
</code></pre>
Hope this enlightens those in need!

blocks|key|389344|text|如果有人篡改了你的代码，你可以起诉他们。您的代码受版权保护。你就像一本小说的作者。如果有人窃取了你的应用程序或你的代码的任何部分，他们将犯有抄袭罪。|type|unstyled|depth|inlineStyleRanges|entityRanges|data|389345|entityMap^0|0^^$0|@$1|2|3|4|5|6|7|D|8|@]|9|@]|A|$]]|$1|B|3|-4|5|6|7|E|8|@]|9|@]|A|$]]]|C|$]]

If someone does steel your code you can sue them. Your code is copyright protected. You are like the author of a novel. If anyone stole your app or any part of your code they would be guilty of plagiarism.

blocks|key|389396|text|您可以做的一件事是完全绕过javascript+--用一种同等或更有能力的语言编写客户端逻辑(您可以找到javascript编译器)，并最终将其编译成javascript。(这可能把代码弄得太模糊了)|type|unstyled|depth|inlineStyleRanges|entityRanges|data|389397|entityMap^0|0^^$0|@$1|2|3|4|5|6|7|D|8|@]|9|@]|A|$]]|$1|B|3|-4|5|6|7|E|8|@]|9|@]|A|$]]]|C|$]]

One thing you CAN do is to circumvent javascript altogether -- write the client-side logic in an equally or more competent language (for which you can find a javascript compiler) and compile it to javascript in the end. (This probably obfuscates the code too well)

I know its impossible for 100% protection, but something high or that works for majority of the users. 

For instance, I encountered a site where viewing the current page's source returned nothing.

In another case, accessing or trying to download the .js files itself from browser

<a href="http://gget.com/somesecret.js" rel="noreferrer">http://gget.com/somesecret.js</a>,

would redirect you and stuff.

If you obfuscate your code, will it be very very difficult to decode it? if so that is also another good solution (what software is recommended) ?

How to prevent your JavaScript code from being stolen, copied, and viewed?

翻译质量差，导致语言生硬或混乱。

没有提供实际的解决方法或示例。

解答不清晰，无法理解或解决问题。

页面排版不美观，阅读体验差。

文章

问答

视频

学习中心

腾讯云实验室

直播

竞赛

腾讯云代码分析专区

腾讯iOA零信任安全管理系统专区

腾讯云架构师技术同盟交流圈

腾讯云数据库专区

腾讯云顾问专区

腾讯云原生专区

腾讯混元专区

腾讯云TCE专区

腾讯云Lighthouse专区

腾讯云HAI专区

腾讯云Edgeone专区

腾讯云存储专区

腾讯云智能专区

腾讯轻联专区 

腾讯云开发专区

TAPD专区

腾讯轻量云游戏服专区

腾讯云最具价值专家

腾讯云架构师技术同盟

腾讯云创作之星

腾讯云开发者先锋

腾讯云代码助手

云原生构建

TAPD 敏捷项目管理

Cloud Studio

SDK中心

API中心

命令行工具

涵盖代码开发、场景应用、自动测试全流程，助你从零构建专属AI助手

一站式MCP教程库，解锁AI应用新玩法

我知道100%的保护是不可能的，但对于大多数用户来说还是很有效的。例如，我遇到一个站点，在该站点上查看当前页面的源代码时没有返回任何内容。在另一种情况下，从浏览器访问或尝试下载.js文件本身，会改变你的方向之类的。如果你混淆了你的代码，解码起来会非常非常困难吗？如果是这样，这也是另一个很好的解决方案(推荐使用什么软件)...

问如何防止您的JavaScript代码被窃取、复制和查看？
EN

Stack Overflow用户

社区

活动

圈层

关于

腾讯云开发者

热门产品

热门推荐

更多推荐

问如何防止您的JavaScript代码被窃取、复制和查看？EN