Obfuscate Javascript Code


For security reasons, it would be nice to have an option to enable obfuscation (scramble) for all automated Outsystems' javascript code for reactive applications.

Created on 8 Apr
Comments (8)

In production, the javascript should be always obfuscated but can be set in lifetime as the other security options.

Security through obscurity !! My vote goes for it.

when you do use obfuscation libraries definitely it generates teh code , which is lot larger than original text, and de-obfuscate libraries  are used at run time during execution. wouldn't that impact performance. 

I'm not aware that obfuscation requires de-obfuscation as well. Obfuscation tools typically rename all of the methods, properties, etc. in your code, but also updates any references to those methods, properties, etc. elsewhere in the code. So the code's purpose is hidden, but it still works like it did before with no reversing step (de-obfuscation). 

As I understand it as well, obfuscated code isn't any bigger than the original code, it should actually be smaller. 

Apparently I was wrong about the size, there are options where the file would be bigger. 

I looks like in terms of sizing, you mixed up the minification and obfuscation, John ;-)

I didn't, but I wasn't aware that obfuscation added code, junk code, to the app. My bad :-)

Changed the category to Frontend