How to protect JavaScript code from being copied

10.06.18 IT / JavaScript 5273

Development in JavaScript (JS) is in great demand today, each site has a significant part of the functionality implemented in this language. The possibilities of the modern language are quite large. So the question is how to protect the JS code .

You can use some means to protect your code. Since the code is always passed to the client side, it means that he can always reproduce it and therefore copy it. Then it seems that it is impossible to protect in any case. But you can use some methods.

Having finished developing the code, you also need to develop a second version, protected. The first version will be needed to maintain the code by the developer, the second for distribution. The second version should contain security mechanisms . Implementation of protection is labor-intensive, in fact, you have to almost re-develop all the functionality. There are various degrees of code protection, respectively, the complexity of the development depends on what degree.

In the simplest case, you need to rewrite the names of functions, variable names, etc., so that they are not understandable to the one who will analyze your code. Then you can implement a kind of puzzle in the code to confuse the process of parsing the code. All names used in the code can be stored in a special array that will be preloaded from a separate source. It is possible to encrypt names on the server side and pass them encrypted to the client along with a specific decryption code that will be used in your JS code for dynamic decryption . Moreover, it is also possible to dynamically change the encryption mechanism, which makes it almost impossible to calculate how your code works.

If you provide your JS code for a certain period paid by the client, you can also provide a temporary key for the code to work. In this case, the client is given only a part of the program, which looks like a complete version, the rest of the code will be provided upon request to the remote server , which will return the code only after key verification .

After all the specified protection mechanisms have been introduced into the code, it is important to minify all code , then qualitatively obfuscate . The basic ways of protecting JS code are considered, but they are also able to sufficiently protect the code from copying. In such cases, it will be much easier for someone who tries to understand your code to develop the code from scratch, or he will not undertake deciphering at all, since this is impractical.