I would like to know if anybody else is using Obfuscator to hash parts of scripting?
@Joost Rongen AFAIK, you cannot really hide something completely in JS, just make it harder to analyze the code. However, is it worth it?
1. It should be nearly impossible to spy on your JS from another process, so it should be safe as long as your users are not allowed to access your application’s code/executable.
2. The token usually belongs to the end-user, so why should you keep them from knowing it? Sure they could do some stupid things with it but they would be responsible. Also, it could be considered “personal data” for the RGPD and EU citizens should be able to access their own personal data.
The token hes talking about is for his app to communicate with a 3rd party service, and wont be user specific. Google Maps is like this. [quote=445452:@StphaneMons] It should be nearly impossible to spy on your JS from another process, so it should be safe as long as your users are not allowed to access your application’s code/executable.[/quote]
Keep in mind that even if the function is scrambled, users can still execute the code if they can find it.
Does the 3rd party offer any restrictions on token usage? Perhaps being able to limit them to coming from a particular domain?
@Greg O’Lone Well you are so much more knowledgeable than me that I won’t try to argue.
Oh and this is a compliment by the way
My script is real time generated by the Xojo web app since it has life data in it. It would be great if I had a function for real time obfuscation of the JS. Seems the algorithm scrambling JS is available, but that would take me a lot of time to implement it in Xojo, so I would encourage somebody else to do this.