Solved

using PHP to obfuscate Javascript

Posted on 2008-06-24
6
770 Views
Last Modified: 2013-11-05
Hello experts--

I have a web application loads 20k lines of Javascript one time into a huge combined .JS file that I would like to obfuscate for protection.  Ideally, I'd like to download a nifty library or function that someone has wrote for  javascript obfuscation in PHP, but I am open to suggestions.   Any ideas on how I can accomplish this?
0
Comment
Question by:Discomonkey
  • 3
  • 2
6 Comments
 
LVL 82

Expert Comment

by:hielo
ID: 21859386
Refer to the PHP Version of packer:
http://dean.edwards.name/download/#packer
0
 
LVL 48

Expert Comment

by:hernst42
ID: 21859399
0
 
LVL 1

Author Comment

by:Discomonkey
ID: 21859930
My initial tests seem to be failing, I am getting a bunch of <li> </li> in my source?


Usage:
$js = $os->build_javascript(); // returns string
$packer = new JavaScriptPacker($js, 'None', true, false);
$packed = $packer->pack();
print $packed;
 
 
 
Result:
 
....
<li>\
3<img src="'+Ext.BLANK_IMAGE_URL+'"class="icon-pref-autorun"/>\
4<a id="viewShortcuts"href="#">Shortcuts</a><br />\
5<span>Choose which applications appear in your shortcuts.</span>\
6</li>\
7<li>\
8<img src="'+Ext.BLANK_IMAGE_URL+'"class="icon-pref-autorun"/>\
9<a id="viewAutoRun"href="#">Auto Run Apps</a><br />\
10<span>Choose which applications open automatically once logged in.</span>\
11</li>\
12<li>\
13<img src="'+Ext.BLANK_IMAGE_URL+'"class="icon-pref-quickstart"/>\
14<a id="viewQuickstart"href="#">Quick Start Apps</a><br />\
15<span>Choose which applications appear in your Quick Start panel.</span>\
16</li>\
17<li>\
...

Open in new window

0
Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
LVL 82

Expert Comment

by:hielo
ID: 21861507
Where is the javascript code you want to pack. Assuming you wanted to pack the following:
var x="hello world";
alert(x);

then you would need to "feed" the javascript statements to the packer (notice how the PHP variable $script is being assigned the actual javascript code which is then fed to JavaScriptPacker):

$script = <<<EOF_JS
var x="hello world";
alert(x);
EOF_JS;
 
$packer = new JavaScriptPacker($script, 'None', false, true);
$packed = $packer->pack();
echo $packed;

Open in new window

0
 
LVL 1

Author Comment

by:Discomonkey
ID: 21861776
$os->build_javascript() is a method that returns a very long string that represents a combination of several javascripts.   I call this method from my head like this like:

<script type="text/javascript"  src="javascript.php"></script>

so it pulls all of the javascript I need.  Ordinarily, I just print the response, but I am trying to use the packer now to pack it then print it.

Is it valid to feed my javascript the way I am currently doing so?  I realize that some of the javascript variable names that are in my javascript code are dependent on values in my database, which will make obfuscation of those javascript variables impossible!
0
 
LVL 82

Accepted Solution

by:
hielo earned 250 total points
ID: 21866055
>>Is it valid to feed my javascript the way I am currently doing so?  
IF infact $os->build_javascript() returns only javascript code then yes.

>>I realize that some of the javascript variable names that are in my javascript code are dependent on values in my database
Again, the code you need to feed to packer is only the javascript code - the code resulting AFTER evaluating your db data/variables.

As for the code above (ID:21859930), perhaps you have invalid javascript code. What are those trailing \ supposed to be? IF you are constructing javascript dynamically, then you can't have a single statement span across multiple lines (like you do in PHP) without concatenating them.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

International Data Corporation (IDC) prognosticates that before the current the year gets over disbursing on IT framework products to be sent in cloud environs will be $37.1B.
Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
The viewer will learn how to count occurrences of each item in an array.
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

789 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question