Solved

using PHP to obfuscate Javascript

Posted on 2008-06-24
6
798 Views
Last Modified: 2013-11-05
Hello experts--

I have a web application loads 20k lines of Javascript one time into a huge combined .JS file that I would like to obfuscate for protection.  Ideally, I'd like to download a nifty library or function that someone has wrote for  javascript obfuscation in PHP, but I am open to suggestions.   Any ideas on how I can accomplish this?
0
Comment
Question by:Discomonkey
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 82

Expert Comment

by:hielo
ID: 21859386
Refer to the PHP Version of packer:
http://dean.edwards.name/download/#packer
0
 
LVL 48

Expert Comment

by:hernst42
ID: 21859399
0
 
LVL 1

Author Comment

by:Discomonkey
ID: 21859930
My initial tests seem to be failing, I am getting a bunch of <li> </li> in my source?


Usage:
$js = $os->build_javascript(); // returns string
$packer = new JavaScriptPacker($js, 'None', true, false);
$packed = $packer->pack();
print $packed;
 
 
 
Result:
 
....
<li>\
3<img src="'+Ext.BLANK_IMAGE_URL+'"class="icon-pref-autorun"/>\
4<a id="viewShortcuts"href="#">Shortcuts</a><br />\
5<span>Choose which applications appear in your shortcuts.</span>\
6</li>\
7<li>\
8<img src="'+Ext.BLANK_IMAGE_URL+'"class="icon-pref-autorun"/>\
9<a id="viewAutoRun"href="#">Auto Run Apps</a><br />\
10<span>Choose which applications open automatically once logged in.</span>\
11</li>\
12<li>\
13<img src="'+Ext.BLANK_IMAGE_URL+'"class="icon-pref-quickstart"/>\
14<a id="viewQuickstart"href="#">Quick Start Apps</a><br />\
15<span>Choose which applications appear in your Quick Start panel.</span>\
16</li>\
17<li>\
...

Open in new window

0
Why Off-Site Backups Are The Only Way To Go

You are probably backing up your data—but how and where? Ransomware is on the rise and there are variants that specifically target backups. Read on to discover why off-site is the way to go.

 
LVL 82

Expert Comment

by:hielo
ID: 21861507
Where is the javascript code you want to pack. Assuming you wanted to pack the following:
var x="hello world";
alert(x);

then you would need to "feed" the javascript statements to the packer (notice how the PHP variable $script is being assigned the actual javascript code which is then fed to JavaScriptPacker):

$script = <<<EOF_JS
var x="hello world";
alert(x);
EOF_JS;
 
$packer = new JavaScriptPacker($script, 'None', false, true);
$packed = $packer->pack();
echo $packed;

Open in new window

0
 
LVL 1

Author Comment

by:Discomonkey
ID: 21861776
$os->build_javascript() is a method that returns a very long string that represents a combination of several javascripts.   I call this method from my head like this like:

<script type="text/javascript"  src="javascript.php"></script>

so it pulls all of the javascript I need.  Ordinarily, I just print the response, but I am trying to use the packer now to pack it then print it.

Is it valid to feed my javascript the way I am currently doing so?  I realize that some of the javascript variable names that are in my javascript code are dependent on values in my database, which will make obfuscation of those javascript variables impossible!
0
 
LVL 82

Accepted Solution

by:
hielo earned 250 total points
ID: 21866055
>>Is it valid to feed my javascript the way I am currently doing so?  
IF infact $os->build_javascript() returns only javascript code then yes.

>>I realize that some of the javascript variable names that are in my javascript code are dependent on values in my database
Again, the code you need to feed to packer is only the javascript code - the code resulting AFTER evaluating your db data/variables.

As for the code above (ID:21859930), perhaps you have invalid javascript code. What are those trailing \ supposed to be? IF you are constructing javascript dynamically, then you can't have a single statement span across multiple lines (like you do in PHP) without concatenating them.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

International Data Corporation (IDC) prognosticates that before the current the year gets over disbursing on IT framework products to be sent in cloud environs will be $37.1B.
Many old projects have bad code, but the budget doesn't exist to rewrite the codebase. You can update this code to be safer by introducing contemporary input validation, sanitation, and safer database queries.
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to dynamically set the form action using jQuery.

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question