Posted By: Anonymous
I know it is possible to obfuscate the code, but I would prefer it being hidden from the view source feature.
I’m not sure anyone else actually addressed your question directly which is code being viewed from the browser’s View Source command.
If you wanted to really make it more work to view the source, you would do all of the following:
- Put it in an external .js file.
- Obfuscate the file so that most native variable names are replaced with short versions, so that all unneeded whitespace is removed, so it can’t be read without further processing, etc…
- Dynamically include the .js file by programmatically adding script tags (like Google Analytics does). This will make it even more difficult to get to the source code from the View Source command as there will be no easy link to click on there.
- Put as much interesting logic that you want to protect on the server that you retrieve via ajax calls rather than do local processing.
With all that said, I think you should focus on performance, reliability and making your app great. If you absolutely have to protect some algorithm, put it on the server, but other than that, compete on being the best at you do, not by having secrets. That’s ultimately how success works on the web anyway.