Skillfully using ASP technology to protect DHTML Source code (turn)

Using ASP technology to protect DHTML source code skillfully
2001-8-18 Network pioneer
DHTML enables us to develop powerful Web application clients that are cross-browser compatible, interoperable, and portable. Its disadvantage is that the user can
Enough to view JavaScript code directly. This article describes how to use ASP technology to protect DHTML code to prevent someone from stealing your DHTML code.
Traditional protection Technology
As we all know, the web is inherently an insecure medium. When a user accesses a Web application or opens a Web page, all client code (HTML,
JavaScript source files and CSS styles are typically downloaded to the client buffer. Users can view, analyze, and duplicate the "view source" with just a click
Make the code.
MSDN extracts some of the Wrox "Instant JavaScript" book, which points out several ways to protect JavaScript code, specifically, see this
In
The client JavaScript code protection methods can be divided into the following categories:
A Microsoft approach: Microsoft solves client source code protection issues by publishing Windows Script Engine Version 5.0来. Source Code Pass
An ActiveX layer encoding (not encryption) is passed. See script Encoding with the Microsoft script Engine Version 5.0.
The disadvantage of this approach is that the encoded code only can be decoded by IE 5.0+, and they frankly acknowledge that the coding process is not straightforward. If you are using the other
Browsers (including earlier versions of IE), you can't access script code through the browser.
b) Fuzzy codes (code obfuscation): Some shareware, such as Jammer and Jmyth, attempt to make the code difficult to read, let the variable name
Become cluttered to prevent someone from stealing JavaScript code. The disadvantage of this approach is that any determined programmer can use a global search and replace tool to easily
To break this protection, because it simply changes the name of the variable whose meaning is ambiguous to a variable name with a definite meaning. For more information on Jammer, see
Over here.
c) Encryption: There are many scenarios and tools that can effectively encrypt JavaScript code. The main problem with encrypting client JavaScript code is the foot used to decrypt it.
This code is often easy to obtain, resulting in reverse engineering of the code is very easy. Obviously, this approach does not prevent any serious programmer from getting the source code. Although
However, we can use Java as an intermediary tool for the encryption and decryption process, but unfortunately, the applet will add unnecessary extra load to the Web page, and it will be
The Java Virtual machine version used by the browser does not work correctly. In contrast, DHTML means fast, compact, generic, and portable.
A new method
When experimenting with WML (Wireless Markup Language), I thought of a new way to protect client source code. In an ASP-based WML page, the server