How could I use CGI to hide my javascript code?

Plankton has asked for the wisdom of the Perl Monks concerning the following question:

Dear Wise Monks,

I search the internet for a solution to the question, "How do I hide my javascript code?". The only suitable solution I have so far is to use PHP like so:

Create an html file containing:

<?php session_start();

$_SESSION['js'] = true;

?>

<html>
<head>

<script type="text/javascript" src="javascript.php"></script>
<title>Untitled Document</title>
</head>
</html>
[download]

And have the javascript.php file that looks like this ...

<?php session_start(); if($_SESSION['js'] == true){ ?>

document.write("Hello World!");

<?php } $_SESSION['js'] = false; ?>
[download]

I pretty sure the same thing can be done Perl also either via CGI or mod_perl. Has anyone done this? If so could please share your solution with me? I really don't want to hassle with installing PHP.

Thanks!

Update: I went ahead and installed PHP and this PHP code does not work :(

Comment on How could I use CGI to hide my javascript code? Select or Download Code

Replies are listed 'Best First'.
Re: How could I use CGI to hide my javascript code? by sflitman (Hermit) on Jan 24, 2009 at 05:04 UTC
You can't hide your javascript code. Anybody can always see everything that gets loaded to a browser. If I see code I like, like at a big commercial site, I can view page source, see what the src attribute is for a `<script>` tag, and then copy and paste that to the address bar to make a url which will display it. That said, you can obfuscate your code, but it's a hassle. Far better to write your application in Perl like ikegami says with CGI::Session and that way the serious code is hidden on the server. Just watch how your server is configured so .cgi files are not displayed as text! HTH, SSF	[reply] [d/l]
Re^2: How could I use CGI to hide my javascript code? by ikegami (Patriarch) on Jan 24, 2009 at 06:21 UTC
If I see code I like, like at a big commercial site, I can view page source, see what the src attribute is for a `<script>` tag, and then copy and paste that to the address bar to make a url which will display it. That won't work with the code the OP and I posted, although it's easily defeated by other means (turn off JS, reload the page, then follow the steps you listed). Far better to write your application in Perl like ikegami says with CGI::Session and that way the serious code is hidden on the server. While I agree with everything you say, I didn't suggest CGI::Session as an alternative to the OP's code, but as an equivalent to the OP's code.	[reply] [d/l]
Re^2: How could I use CGI to hide my javascript code? by Anonymous Monk on Jan 24, 2009 at 05:33 UTC
Or with Firefox use the "Web Developer" plugin, and chose "Information => View Javascript", and presto, all the javascript loaded on the current page. You can't hide javascript.	[reply]
Re: How could I use CGI to hide my javascript code? by ikegami (Patriarch) on Jan 24, 2009 at 03:41 UTC
CGI::Session can provide a session. `...Setup the session and output CGI headers... $session->param(js => 1); print <<'__EOI__'; <html> <head> <script type="text/javascript" src="javascript.php"></script> <title>Untitled Document</title> </head> </html> __EOI__` [download] `...Setup the session and output CGI headers... if ($session->param('js')) { print <<'__EOI__'; document.write("Hello World!"); __EOI__ } $session->param(js => 0);` [download]	[reply] [d/l] [select]
Re: How could I use CGI to hide my javascript code? by jplindstrom (Monsignor) on Jan 24, 2009 at 15:08 UTC
It depends on why you want to do it. If the code/data is confidential, or sensitive, or a security hole, then you can't. Anyone determined enough can figure out what's served to the browser to execute. Code of this nature needs to be run on the server. If it's just you not wanting to have your code copied and used by others, the method you describe may be enough to deter enough people. To make it less valuable to others, you could also obfuscate or minify it. I'm sure you can Google for methods and tools for doing that. /J	[reply]
Re: How could I use CGI to hide my javascript code? by BrowserUk (Patriarch) on Jan 24, 2009 at 13:02 UTC
If you want me to to run your code on my machine, then not only should you not try to hide it, you'd better ensure that it is as clear, concise and transparent in its operations as possible. Because unless I can get a pretty good idea of what your code is doing the first time I visit, then I'm never going to enable JS for your site. And if that means your site doesn't work for me, then so be it. Examine what is said, not who speaks -- Silence betokens consent -- Love the truth but pardon error. "Science is about questioning the status quo. Questioning authority". In the absence of evidence, opinion is indistinguishable from prejudice. "Too many [] have been sedated by an oppressive environment of political correctness and risk aversion."	[reply]
Re: How could I use CGI to hide my javascript code? by dsheroh (Monsignor) on Jan 24, 2009 at 13:36 UTC
Javascript runs in the user's browser. How, pray tell, would the browser run code which is hidden from it?	[reply]
Re^2: How could I use CGI to hide my javascript code? by ww (Archbishop) on Jan 24, 2009 at 14:30 UTC
Re "runs in the user's browser" and JFTR, http://en.wikipedia.org/wiki/Server-side_JavaScript	[reply]
Re: How could I use CGI to hide my javascript code? by CountZero (Bishop) on Jan 24, 2009 at 23:28 UTC
Why do you want to hide your code? Are you ashamed of it? CountZero A program should be light and agile, its subroutines connected like a string of pearls. The spirit and intent of the program should be retained throughout. There should be neither too little or too much, neither needless loops nor useless variables, neither lack of structure nor overwhelming rigidity." - The Tao of Programming, 4.1 - Geoffrey James	[reply]


Keep It Simple, Stupid
	PerlMonks