Current location - Quotes Website - Signature design - What is the encryption of JS help front end?
What is the encryption of JS help front end?
I wrote js obfuscator and talked about some simple personal views.

Personally, the unreadable processing of js can be divided into three aspects: compression, confusion and encryption. Illiteracy handling, a term I invented myself, can be called all code conversion that will increase the readability of the code. "Improving the readability of code" may be the result or purpose of code conversion.

1. compression

The purpose of this operation is to make the final code transmission amount (not representing the code amount or file amount) as small as possible. Tools for compressing js, such as YUI compressor, UglifyJS and Google Closure compiler, are very common.

Usually, in the process of code compression, only the syntax of the code is changed, and the semantics and control flow of the code will not change much.

The usual practice is to shorten local variables and replace some operations equivalently. Code compression is helpful for code protection, but it doesn't play much role because the semantics and control flow are basically unchanged.

On the compression level, the unreadable code is only collateral damage, not the ultimate goal.

confuse

The purpose of this operation is to make the code as unreadable as possible, mainly for code protection.

Make the code unreadable and increase the difficulty of analysis, which is the only purpose. It doesn't matter if the file size doubles after confusion, it doesn't matter if the code changes more, and it doesn't matter if the operation is slow by 50%.

Common practices include: separating constants, disrupting control flow, adding meaningless code, checking the running environment, and attacking if it is wrong.

On the chaotic level, unreadable code is the ultimate goal.

It is worth mentioning that the advanced compression of Google Closure compiler is to compress the members of classes and objects. The compression results are difficult to analyze and can be considered as confusion, but the compatibility is not very good.

Advertising time: I wrote js obfuscator. Its Chinese name is "Powerful JS Compiler" and its English name is Impressive JS. Segment.Compeller. It looks like a powerful JS compiler.

encrypt

To be honest, it is difficult for me to define encryption, because encryption has too many ambiguities in the Web world.

Where there is encryption, there is decryption, which means that the encryption operation is reversible and the ciphertext can be civilized.

In this way, in the Web world, what can be called encryption includes: HTTPS transmission, symmetric encryption or asymmetric encryption realized by JavaScript, and so on.

In this way, irreversible code compression and confusion can not be classified as encryption.

If we have to find something that can be called encryption and is often misunderstood as compression and confusion, Dean Packer/Unpacker in Dean Edwards can be used as an example.

For example, we put varnum =1; Alarm (number);

Enter Dean Packer and package to get such a string of things. Does it look like compressed chaotic code?

Unpack the string of things with unclear meaning above and get the original text.

In fact, Dean Packer only did a string conversion on the source code, and did not go deep into the code syntax level. You can try Hello World, Hello Senior.

Online JavaScript beautifier can easily restore this string of things to "hello world, hello teacher, hello sister".

It can be seen that code encryption refers to: reversible transformation (encryption) of code plaintext to generate ciphertext; Plaintext can be recovered by inverse transformation (decryption) of ciphertext; The final running environment is to run the decryption code.

label

In fact, the three concepts of compression, confusion and encryption are still quite unclear. I would like to express some personal views here, hoping to help.

In a real project, I am a combination of various means:

For projects that don't need code protection, such as personal blogs, it is enough to do code compression and speed up loading.

For projects that need some code protection to prevent plagiarism, you can add some developer information and protection code to the source code, and then confuse compression. It's a pity that I'm always not very good at this. Gentlemen guard against villains, but I can't. Ha ha.

For projects that need strict encryption, we can use various means such as confusion, compression, encryption and signature check. I'm not sure about this. I'll wait for my aunt to supplement it.

Related articles
  • Is it illegal to sign without others' knowledge? .
  • Does the original god like fluorescence?
  • The movie "Broken Bridge" officially announced the lineup and released a poster at the same time. Whose poster do you think is the most impressive?
  • Wechat court prosecution process
  • Is it legal to send the contents of the contract to the other party through WeChat, and the other party clearly agrees? Can you replace the handwritten signature of a paper contract?
  • What are the theatrical editions of Diga Altman?
  • Humor at work qq signature selection
  • There used to be a group name.
  • I can't move the electronic signature How?
  • About Stefanie Sun¡¯s ¡°shooting¡± incident

    • copyright 2024 Quotes Website All rights reserved