This article mainly introduces the ideas and methods for implementing client-side js encryption in NodeJS, which has some reference value. Let's take a look at the ideas below:
Service-side rendering service code js =>
Pre-and post-end agreed encryption algorithm =>
Sign the Business Code =>
Client decryption business code =>
Eval execution
Node routing example:
/*** Please customize restful API. Here, GET is used as an example * @ param {req} * @ param {res} * @ return {next ()} * /// var util = require ('ity ity '); exports. encryption = function (req, res) {// GET var name = req. query. name, jsStr // js script used for server rendering, doc = {n: 'request parameter supported ',}; // isSafe: regular security character judgment if (fun. isSafe (name) doc ['n'] = name; ////////////// the Javascript business code to be encrypted start //////////////// //// jsStr = function (n) {alert ('start executing Business Code ~ ') // Variable N can be the information that needs to be rendered by the server. // function sayHello (s) {alert (' you entered: '+ s);} sayHello (n ); ///} // The js business code to be encrypted end //////////// //// // jsStr = '(' + jsStr. toString () + ') ("' + (name? Doc. n: 'default ') +' ") '; var key = util. md5 ('highsea90' + Date. now () var resStr = myFromCharCode (key, jsStr); res. render ('cm/eval', {title: 'js encrypted demo', charCode: escape (myFromCharCode. toString (), data: escape (resStr), key: key })}; /*** @ param {m} key * @ param {text} text * @ return {last} encrypted text */function myFromCharCode (m, text) {var last = ''; for (var I = 0, l = text. length; I <l; I ++) {for (var j = 0, k = m. length; j <k; j ++) {var key = m. charCodeAt (j), text2 = text. charCodeAt (I) ^ key} last + = String. fromCharCode (text2);} return last ;}
Client page example:
<% = Title %>