How to hide app.js, controller.js files or code?
如何隐藏app.js,控制器。js文件或代码?
They are visible in html source. Is there anyway to hide them?
它们在html源代码中是可见的。有办法把它们藏起来吗?
5 个解决方案
#1
3
- minify
- 使变小
- uglify along with minify you must uglify your code, which make it difficult to understand, it will renames the variables and function in very ugly manner, not easy to break the code.
Also you can encrypt it well, you have and have to decrypt when it is needed to use, and that can't be remain hidden from the front end tools - 随着代码的缩小,您必须对代码进行丑化,这使代码难以理解,它将以非常难看的方式重命名变量和函数,不容易破坏代码。你也可以很好地加密它,当它需要使用的时候,你必须解密它,这不能被隐藏在前端工具之外
#2
15
This cannot be done.
不能做到这一点。
But you can use tools for minify the sources. See Google Clousure and ng-min for angular.js
但是你可以使用工具来缩小来源。参见谷歌Clousure和ng-min的angular.js。
I recommend you to use grunt to build one single js file for you application, with all of your code minified. Take a look at those projects that may be useful: ng-boilerplate and yeoman - angularjs
我建议您使用grunt为您的应用程序构建一个单独的js文件,并对所有代码进行简化。看看那些可能有用的项目:ng-boilerplate和yeoman - angularjs
#3
9
You cannot hide angualrjs. Its based on Javascript. To minify, doesn't help because anyone can convert it back to human readable view (sure if anyone wants to steal your code). Any sensitive logic try to put on server side.
你不能隐藏angualrjs。其基于Javascript。缩小并不会有帮助,因为任何人都可以将它转换回人类可读的视图(当然,如果有人想偷你的代码的话)。任何敏感逻辑都要放在服务器端。
Hope it will hep,
希望它将消息灵通的,
#4
3
This is the natural behaviour of a front-end framework; you do not hide the source code. There should be no sensitive data whatsoever in your front-end, especially no passwords. Just like Stack Overflow, all the font-end code is and will always be visible to the user.
这是前端框架的自然行为;不隐藏源代码。在你的前端应该没有任何敏感的数据,特别是没有密码。就像Stack Overflow一样,用户可以看到所有的字体端代码。
#5
3
You can hide your javascript code using NGINX server subrequest.
您可以使用NGINX服务器子请求隐藏javascript代码。
If you have /admin
route in angular, backbone or other js framework and you want to hide it for unauthorized users, you can make subrequest in NGINX to backend, which checks if user is authorized. If not, then you throw 404 or make redirect to homepage.
如果你有/admin路径在角、主干或其他js框架中,你想要隐藏它给未经授权的用户,你可以在NGINX中向后端发出子请求,它会检查用户是否被授权。如果没有,你就抛出404或重定向到主页。
This is nginx module which contains more details: http://nginx.org/en/docs/http/ngx_http_auth_request_module.html
这是nginx模块,它包含更多的细节:http://nginx.org/en/docs/http/ngx_http_auth_request_module.html
The code in NGINX looks more or less like this:
NGINX中的代码大致是这样的:
location ^~ /admin {
# checking in background if user is privileged
auth_request /auth;
root /var/www/angular-client/;
}
location = /auth {
proxy_pass http://backend.cms/api/v1/users/admin.json;
proxy_set_header X-Original-URI http://backend.cms/api/v1/users/admin.json;/
}
#1
3
- minify
- 使变小
- uglify along with minify you must uglify your code, which make it difficult to understand, it will renames the variables and function in very ugly manner, not easy to break the code.
Also you can encrypt it well, you have and have to decrypt when it is needed to use, and that can't be remain hidden from the front end tools - 随着代码的缩小,您必须对代码进行丑化,这使代码难以理解,它将以非常难看的方式重命名变量和函数,不容易破坏代码。你也可以很好地加密它,当它需要使用的时候,你必须解密它,这不能被隐藏在前端工具之外
#2
15
This cannot be done.
不能做到这一点。
But you can use tools for minify the sources. See Google Clousure and ng-min for angular.js
但是你可以使用工具来缩小来源。参见谷歌Clousure和ng-min的angular.js。
I recommend you to use grunt to build one single js file for you application, with all of your code minified. Take a look at those projects that may be useful: ng-boilerplate and yeoman - angularjs
我建议您使用grunt为您的应用程序构建一个单独的js文件,并对所有代码进行简化。看看那些可能有用的项目:ng-boilerplate和yeoman - angularjs
#3
9
You cannot hide angualrjs. Its based on Javascript. To minify, doesn't help because anyone can convert it back to human readable view (sure if anyone wants to steal your code). Any sensitive logic try to put on server side.
你不能隐藏angualrjs。其基于Javascript。缩小并不会有帮助,因为任何人都可以将它转换回人类可读的视图(当然,如果有人想偷你的代码的话)。任何敏感逻辑都要放在服务器端。
Hope it will hep,
希望它将消息灵通的,
#4
3
This is the natural behaviour of a front-end framework; you do not hide the source code. There should be no sensitive data whatsoever in your front-end, especially no passwords. Just like Stack Overflow, all the font-end code is and will always be visible to the user.
这是前端框架的自然行为;不隐藏源代码。在你的前端应该没有任何敏感的数据,特别是没有密码。就像Stack Overflow一样,用户可以看到所有的字体端代码。
#5
3
You can hide your javascript code using NGINX server subrequest.
您可以使用NGINX服务器子请求隐藏javascript代码。
If you have /admin
route in angular, backbone or other js framework and you want to hide it for unauthorized users, you can make subrequest in NGINX to backend, which checks if user is authorized. If not, then you throw 404 or make redirect to homepage.
如果你有/admin路径在角、主干或其他js框架中,你想要隐藏它给未经授权的用户,你可以在NGINX中向后端发出子请求,它会检查用户是否被授权。如果没有,你就抛出404或重定向到主页。
This is nginx module which contains more details: http://nginx.org/en/docs/http/ngx_http_auth_request_module.html
这是nginx模块,它包含更多的细节:http://nginx.org/en/docs/http/ngx_http_auth_request_module.html
The code in NGINX looks more or less like this:
NGINX中的代码大致是这样的:
location ^~ /admin {
# checking in background if user is privileged
auth_request /auth;
root /var/www/angular-client/;
}
location = /auth {
proxy_pass http://backend.cms/api/v1/users/admin.json;
proxy_set_header X-Original-URI http://backend.cms/api/v1/users/admin.json;/
}