Beefy Boxes and Bandwidth Generously Provided by pair Networks
The stupid question is the question not asked
 
PerlMonks  

How could I use CGI to hide my javascript code?

by Plankton (Vicar)
on Jan 24, 2009 at 03:12 UTC ( #738643=perlquestion: print w/replies, xml ) Need Help??

Plankton has asked for the wisdom of the Perl Monks concerning the following question:

Dear Wise Monks,

I search the internet for a solution to the question, "How do I hide my javascript code?". The only suitable solution I have so far is to use PHP like so:

Create an html file containing:

<?php session_start(); $_SESSION['js'] = true; ?> <html> <head> <script type="text/javascript" src="javascript.php"></script> <title>Untitled Document</title> </head> </html>
And have the javascript.php file that looks like this ...
<?php session_start(); if($_SESSION['js'] == true){ ?> document.write("Hello World!"); <?php } $_SESSION['js'] = false; ?>

I pretty sure the same thing can be done Perl also either via CGI or mod_perl. Has anyone done this? If so could please share your solution with me? I really don't want to hassle with installing PHP.

Thanks!

Update: I went ahead and installed PHP and this PHP code does not work :(

Replies are listed 'Best First'.
Re: How could I use CGI to hide my javascript code?
by sflitman (Hermit) on Jan 24, 2009 at 05:04 UTC
    You can't hide your javascript code. Anybody can always see everything that gets loaded to a browser. If I see code I like, like at a big commercial site, I can view page source, see what the src attribute is for a <script> tag, and then copy and paste that to the address bar to make a url which will display it.

    That said, you can obfuscate your code, but it's a hassle. Far better to write your application in Perl like ikegami says with CGI::Session and that way the serious code is hidden on the server. Just watch how your server is configured so .cgi files are not displayed as text!

    HTH, SSF

      If I see code I like, like at a big commercial site, I can view page source, see what the src attribute is for a <script> tag, and then copy and paste that to the address bar to make a url which will display it.

      That won't work with the code the OP and I posted, although it's easily defeated by other means (turn off JS, reload the page, then follow the steps you listed).

      Far better to write your application in Perl like ikegami says with CGI::Session and that way the serious code is hidden on the server.

      While I agree with everything you say, I didn't suggest CGI::Session as an alternative to the OP's code, but as an equivalent to the OP's code.

      Or with Firefox use the "Web Developer" plugin, and chose "Information => View Javascript", and presto, all the javascript loaded on the current page. You can't hide javascript.
Re: How could I use CGI to hide my javascript code?
by ikegami (Pope) on Jan 24, 2009 at 03:41 UTC
    CGI::Session can provide a session.
    ...Setup the session and output CGI headers... $session->param(js => 1); print <<'__EOI__'; <html> <head> <script type="text/javascript" src="javascript.php"></script> <title>Untitled Document</title> </head> </html> __EOI__
    ...Setup the session and output CGI headers... if ($session->param('js')) { print <<'__EOI__'; document.write("Hello World!"); __EOI__ } $session->param(js => 0);
Re: How could I use CGI to hide my javascript code?
by jplindstrom (Monsignor) on Jan 24, 2009 at 15:08 UTC
    It depends on why you want to do it.

    If the code/data is confidential, or sensitive, or a security hole, then you can't. Anyone determined enough can figure out what's served to the browser to execute. Code of this nature needs to be run on the server.

    If it's just you not wanting to have your code copied and used by others, the method you describe may be enough to deter enough people.

    To make it less valuable to others, you could also obfuscate or minify it. I'm sure you can Google for methods and tools for doing that.

    /J

Re: How could I use CGI to hide my javascript code?
by BrowserUk (Pope) on Jan 24, 2009 at 13:02 UTC

    If you want me to to run your code on my machine, then not only should you not try to hide it, you'd better ensure that it is as clear, concise and transparent in its operations as possible.

    Because unless I can get a pretty good idea of what your code is doing the first time I visit, then I'm never going to enable JS for your site. And if that means your site doesn't work for me, then so be it.


    Examine what is said, not who speaks -- Silence betokens consent -- Love the truth but pardon error.
    "Science is about questioning the status quo. Questioning authority".
    In the absence of evidence, opinion is indistinguishable from prejudice.
Re: How could I use CGI to hide my javascript code?
by dsheroh (Monsignor) on Jan 24, 2009 at 13:36 UTC
    Javascript runs in the user's browser.

    How, pray tell, would the browser run code which is hidden from it?

Re: How could I use CGI to hide my javascript code?
by CountZero (Bishop) on Jan 24, 2009 at 23:28 UTC
    Why do you want to hide your code? Are you ashamed of it?

    CountZero

    A program should be light and agile, its subroutines connected like a string of pearls. The spirit and intent of the program should be retained throughout. There should be neither too little or too much, neither needless loops nor useless variables, neither lack of structure nor overwhelming rigidity." - The Tao of Programming, 4.1 - Geoffrey James

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://738643]
Approved by ww
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others contemplating the Monastery: (5)
As of 2020-12-05 15:42 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    How often do you use taint mode?





    Results (64 votes). Check out past polls.

    Notices?