Skip to main content
Known Participant
June 7, 2017
Question

Way to protect JavaScript Code?

  • June 7, 2017
  • 3 replies
  • 2504 views

HI,

Is the only option for protecting code to obfuscate the javascript code?  For example, is there such a thing as requiring the user to enter a key  before being able to execute the javascript code on their computer like there is for TurboTax?  Forgive me if this is a novice question.  Any help will be appreciated.

Thanks.

S

This topic has been closed for replies.

3 replies

JR Boulay
Community Expert
Community Expert
June 7, 2017
Acrobate du PDF, InDesigner et Photoshopographe
Joel Geraci
Community Expert
Community Expert
June 7, 2017

Yeah - that's a good one. I use CodeKit and it has a minifier/uglifier in it.

Participant
November 29, 2017

Hi Joel.

I already use CodeKit and Atom, but I cant protect my js.
is there a way to do little obfuscation with my tools?

Joel Geraci
Community Expert
Community Expert
June 7, 2017

The only thing you can do is minify and "uglify" the JavaScript so that it's difficult (not impossible) to understand what it's doing. But users will always be able to share the exported XML. If you're looking to commercialize Actions... don't bother.

UglifyJS: Online JavaScript minifier 

suemo22Author
Known Participant
June 7, 2017

Is using the minifier similar to obfuscating?  Thx for the info.

Inspiring
June 7, 2017

No, it makes the code appear to be one line and does not change the variable names.

One can also make much of the code folder level functions so the user may see the call but not the detailed code. This would also require installing the folder level scripts on each users system. But if the user knows how to use the JavaScript console, the code could become visible. I would use a combination of all the suggestions. But this may also make maintaining the code more difficult.

Legend
June 7, 2017

There is no realistic way to protect it. Even if Acrobat were to ask for a password or something, there is other PDF software than would ignore it. Obfuscation is no protection at all, except against the most casual peek, since what software can obfuscate, other software can "un-obfuscate". This basically means that all business sensitive or personally sensitive logic has to move server side where - since it is the main vector of hacker attack - it must now be written by an experienced professional up to date with the latest hacking techniques.

JR Boulay
Community Expert
Community Expert
June 7, 2017

It's often faster to rewrite a script from scratch than to un-obfuscate an existing one.

Acrobate du PDF, InDesigner et Photoshopographe