search
HomeWeb Front-endHTML TutorialAbout HTML encryption obfuscation, source code protection, code security, preventing decompression and viewing the source code directly_html/css_WEB-ITnose

Some people have been asking how to obfuscate HTML encryption. In fact, this is a topic that has been studied by many people in the industry.

I recently compiled an article to share with you in my spare time.

Let’s first sort out the requirements. What is the purpose of encryption? What level of encryption is it? What can we sacrifice for this?
We know that there is no absolute security in this world, encryption will be cracked, and obfuscation will be deobfuscated.
Technical novices, developers, and hackers are all at completely different levels, and the strategies for preventing people at different levels are different.
The greater the prevention efforts, the greater the investment cost, such as hiring a professional security company.
In addition to investment, we also need to consider the execution performance and user experience of the program.
Encrypted code must be decrypted at runtime. After obfuscation, especially after obfuscating HTML, the execution performance of the program will decrease.
Whether this type of source code protection is really necessary requires careful decision-making.

Generally speaking, the front-end code is responsible for user experience, and the back-end code is responsible for safer data processing.
The front-end should not involve leaking too much confidential information, so the meaning of encryption is not particularly significant.
I rarely see content worth protecting in front-end code, such as advanced algorithms. There is no need to sacrifice user experience to protect many codes.
However, some front-end codes involve end-user data security, so efforts should still be made to protect data at this time.

Next, we will analyze several methods in detail.

    1. Don’t put sensitive data on the front end
      This sounds nonsense, but it’s really important.
      Some developers store user passwords in plain text on mobile phones, which is very dangerous.
      Even if it is native development, once the phone is rooted, data leakage will occur. Not to mention HTML5 development.
      A better approach is to store tokens on the mobile phone instead of passwords. Here is an article dedicated to this. Developers involved in login are recommended to take a closer look at how to design the APP login function and secure calling interface based on HTML5 ( Principles)

    1. js, css compression
      Compression is not encryption, nor obfuscation. But compressed js files often also have obfuscation functions.
      JS and CSS compression are very common technologies. We often see that the file names of various frameworks are xxx.min.js and xxx.min.css.
      Using appropriate js and css compression solutions can reduce file size, improve loading speed, and most importantly, it can also speed up program execution performance. It is simply a benefit without any harm.
      The most commonly used tool to obfuscate js is Yahoo's YUI obfuscation. Click the menu tool-plugin installation in HBuilder. There is YUI compress in it, which can compress js and css.
      If js and css are relatively large, it is recommended to compress them before publishing.

    1. Confusing HTML, js, css
      Although compression can also be confusing, it is not for the purpose of making others incomprehensible. Confusion is really for the purpose of others not being able to understand.
      But such confusion is not as harmless as compression. It will reduce program execution performance.
      Some developers do not want to see the source code directly after decompressing the distribution package, so they can use the obfuscation solution at this time.
      Searching for HTML obfuscation on the Internet, there are a lot of information and tools.
      The principles are similar. The js code turns into a messy string and is then executed using eval. The HTML code turns into a messy string and is executed using document.write or innerHTML. CSS can also be dynamically written in document.write

Statement
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
What is the purpose of the <datalist> element?What is the purpose of the <datalist> element?Mar 21, 2025 pm 12:33 PM

The article discusses the HTML <datalist> element, which enhances forms by providing autocomplete suggestions, improving user experience and reducing errors.Character count: 159

What is the purpose of the <progress> element?What is the purpose of the <progress> element?Mar 21, 2025 pm 12:34 PM

The article discusses the HTML <progress> element, its purpose, styling, and differences from the <meter> element. The main focus is on using <progress> for task completion and <meter> for stati

What is the purpose of the <meter> element?What is the purpose of the <meter> element?Mar 21, 2025 pm 12:35 PM

The article discusses the HTML <meter> element, used for displaying scalar or fractional values within a range, and its common applications in web development. It differentiates <meter> from <progress> and ex

What is the purpose of the <iframe> tag? What are the security considerations when using it?What is the purpose of the <iframe> tag? What are the security considerations when using it?Mar 20, 2025 pm 06:05 PM

The article discusses the <iframe> tag's purpose in embedding external content into webpages, its common uses, security risks, and alternatives like object tags and APIs.

What is the viewport meta tag? Why is it important for responsive design?What is the viewport meta tag? Why is it important for responsive design?Mar 20, 2025 pm 05:56 PM

The article discusses the viewport meta tag, essential for responsive web design on mobile devices. It explains how proper use ensures optimal content scaling and user interaction, while misuse can lead to design and accessibility issues.

How do I use HTML5 form validation attributes to validate user input?How do I use HTML5 form validation attributes to validate user input?Mar 17, 2025 pm 12:27 PM

The article discusses using HTML5 form validation attributes like required, pattern, min, max, and length limits to validate user input directly in the browser.

What are the best practices for cross-browser compatibility in HTML5?What are the best practices for cross-browser compatibility in HTML5?Mar 17, 2025 pm 12:20 PM

Article discusses best practices for ensuring HTML5 cross-browser compatibility, focusing on feature detection, progressive enhancement, and testing methods.

How do I use the HTML5 <time> element to represent dates and times semantically?How do I use the HTML5 <time> element to represent dates and times semantically?Mar 12, 2025 pm 04:05 PM

This article explains the HTML5 <time> element for semantic date/time representation. It emphasizes the importance of the datetime attribute for machine readability (ISO 8601 format) alongside human-readable text, boosting accessibilit

See all articles

Hot AI Tools

Undresser.AI Undress

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress AI Tool

Undress images for free

Clothoff.io

Clothoff.io

AI clothes remover

AI Hentai Generator

AI Hentai Generator

Generate AI Hentai for free.

Hot Article

R.E.P.O. Energy Crystals Explained and What They Do (Yellow Crystal)
2 weeks agoBy尊渡假赌尊渡假赌尊渡假赌
R.E.P.O. Best Graphic Settings
2 weeks agoBy尊渡假赌尊渡假赌尊渡假赌
R.E.P.O. How to Fix Audio if You Can't Hear Anyone
2 weeks agoBy尊渡假赌尊渡假赌尊渡假赌

Hot Tools

ZendStudio 13.5.1 Mac

ZendStudio 13.5.1 Mac

Powerful PHP integrated development environment

MinGW - Minimalist GNU for Windows

MinGW - Minimalist GNU for Windows

This project is in the process of being migrated to osdn.net/projects/mingw, you can continue to follow us there. MinGW: A native Windows port of the GNU Compiler Collection (GCC), freely distributable import libraries and header files for building native Windows applications; includes extensions to the MSVC runtime to support C99 functionality. All MinGW software can run on 64-bit Windows platforms.

Notepad++7.3.1

Notepad++7.3.1

Easy-to-use and free code editor

VSCode Windows 64-bit Download

VSCode Windows 64-bit Download

A free and powerful IDE editor launched by Microsoft

SAP NetWeaver Server Adapter for Eclipse

SAP NetWeaver Server Adapter for Eclipse

Integrate Eclipse with SAP NetWeaver application server.