Solved

using PHP to obfuscate Javascript

Posted on 2008-06-24
6
753 Views
Last Modified: 2013-11-05
Hello experts--

I have a web application loads 20k lines of Javascript one time into a huge combined .JS file that I would like to obfuscate for protection.  Ideally, I'd like to download a nifty library or function that someone has wrote for  javascript obfuscation in PHP, but I am open to suggestions.   Any ideas on how I can accomplish this?
0
Comment
Question by:Discomonkey
  • 3
  • 2
6 Comments
 
LVL 82

Expert Comment

by:hielo
ID: 21859386
Refer to the PHP Version of packer:
http://dean.edwards.name/download/#packer
0
 
LVL 48

Expert Comment

by:hernst42
ID: 21859399
0
 
LVL 1

Author Comment

by:Discomonkey
ID: 21859930
My initial tests seem to be failing, I am getting a bunch of <li> </li> in my source?


Usage:

$js = $os->build_javascript(); // returns string

$packer = new JavaScriptPacker($js, 'None', true, false);

$packed = $packer->pack();

print $packed;
 
 
 

Result:
 

....

<li>\

3<img src="'+Ext.BLANK_IMAGE_URL+'"class="icon-pref-autorun"/>\

4<a id="viewShortcuts"href="#">Shortcuts</a><br />\

5<span>Choose which applications appear in your shortcuts.</span>\

6</li>\

7<li>\

8<img src="'+Ext.BLANK_IMAGE_URL+'"class="icon-pref-autorun"/>\

9<a id="viewAutoRun"href="#">Auto Run Apps</a><br />\

10<span>Choose which applications open automatically once logged in.</span>\

11</li>\

12<li>\

13<img src="'+Ext.BLANK_IMAGE_URL+'"class="icon-pref-quickstart"/>\

14<a id="viewQuickstart"href="#">Quick Start Apps</a><br />\

15<span>Choose which applications appear in your Quick Start panel.</span>\

16</li>\

17<li>\

...

Open in new window

0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 82

Expert Comment

by:hielo
ID: 21861507
Where is the javascript code you want to pack. Assuming you wanted to pack the following:
var x="hello world";
alert(x);

then you would need to "feed" the javascript statements to the packer (notice how the PHP variable $script is being assigned the actual javascript code which is then fed to JavaScriptPacker):

$script = <<<EOF_JS

var x="hello world";

alert(x);

EOF_JS;

 

$packer = new JavaScriptPacker($script, 'None', false, true);

$packed = $packer->pack();

echo $packed;

Open in new window

0
 
LVL 1

Author Comment

by:Discomonkey
ID: 21861776
$os->build_javascript() is a method that returns a very long string that represents a combination of several javascripts.   I call this method from my head like this like:

<script type="text/javascript"  src="javascript.php"></script>

so it pulls all of the javascript I need.  Ordinarily, I just print the response, but I am trying to use the packer now to pack it then print it.

Is it valid to feed my javascript the way I am currently doing so?  I realize that some of the javascript variable names that are in my javascript code are dependent on values in my database, which will make obfuscation of those javascript variables impossible!
0
 
LVL 82

Accepted Solution

by:
hielo earned 250 total points
ID: 21866055
>>Is it valid to feed my javascript the way I am currently doing so?  
IF infact $os->build_javascript() returns only javascript code then yes.

>>I realize that some of the javascript variable names that are in my javascript code are dependent on values in my database
Again, the code you need to feed to packer is only the javascript code - the code resulting AFTER evaluating your db data/variables.

As for the code above (ID:21859930), perhaps you have invalid javascript code. What are those trailing \ supposed to be? IF you are constructing javascript dynamically, then you can't have a single statement span across multiple lines (like you do in PHP) without concatenating them.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Part of the Global Positioning System A geocode (https://developers.google.com/maps/documentation/geocoding/) is the major subset of a GPS coordinate (http://en.wikipedia.org/wiki/Global_Positioning_System), the other parts being the altitude and t…
JavaScript can be used in a browser to change parts of a webpage dynamically. It begins with the following pattern: If condition W is true, do thing X to target Y after event Z. Below are some tips and tricks to help you get started with JavaScript …
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now