


Some people have been asking how to obfuscate HTML encryption. In fact, this is a topic that has been studied by many people in the industry.
I recently compiled an article to share with you in my spare time.
Let’s first sort out the requirements. What is the purpose of encryption? What level of encryption is it? What can we sacrifice for this?
We know that there is no absolute security in this world, encryption will be cracked, and obfuscation will be deobfuscated.
Technical novices, developers, and hackers are all at completely different levels, and the strategies for preventing people at different levels are different.
The greater the prevention efforts, the greater the investment cost, such as hiring a professional security company.
In addition to investment, we also need to consider the execution performance and user experience of the program.
Encrypted code must be decrypted at runtime. After obfuscation, especially after obfuscating HTML, the execution performance of the program will decrease.
Whether this type of source code protection is really necessary requires careful decision-making.
Generally speaking, the front-end code is responsible for user experience, and the back-end code is responsible for safer data processing.
The front-end should not involve leaking too much confidential information, so the meaning of encryption is not particularly significant.
I rarely see content worth protecting in front-end code, such as advanced algorithms. There is no need to sacrifice user experience to protect many codes.
However, some front-end codes involve end-user data security, so efforts should still be made to protect data at this time.
Next, we will analyze several methods in detail.
Don’t put sensitive data on the front end
This sounds nonsense, but it’s really important.
Some developers store user passwords in plain text on mobile phones, which is very dangerous.
Even if it is native development, once the phone is rooted, data leakage will occur. Not to mention HTML5 development.
A better approach is to store tokens on the mobile phone instead of passwords. Here is an article dedicated to this. Developers involved in login are recommended to take a closer look at how to design the APP login function and secure calling interface based on HTML5 ( Principles)
js, css compression
Compression is not encryption, nor obfuscation. But compressed js files often also have obfuscation functions.
JS and CSS compression are very common technologies. We often see that the file names of various frameworks are xxx.min.js and xxx.min.css.
Using appropriate js and css compression solutions can reduce file size, improve loading speed, and most importantly, it can also speed up program execution performance. It is simply a benefit without any harm.
The most commonly used tool to obfuscate js is Yahoo's YUI obfuscation. Click the menu tool-plugin installation in HBuilder. There is YUI compress in it, which can compress js and css.
If js and css are relatively large, it is recommended to compress them before publishing.
-
Confusing HTML, js, css
Although compression can also be confusing, it is not for the purpose of making others incomprehensible. Confusion is really for the purpose of others not being able to understand.
But such confusion is not as harmless as compression. It will reduce program execution performance.
Some developers do not want to see the source code directly after decompressing the distribution package, so they can use the obfuscation solution at this time.
Searching for HTML obfuscation on the Internet, there are a lot of information and tools.
The principles are similar. The js code turns into a messy string and is then executed using eval. The HTML code turns into a messy string and is executed using document.write or innerHTML. CSS can also be dynamically written in document.write

Solution to implement multi-project carousel in Bootstrap4 Implementing multi-project carousel in Bootstrap4 is not an easy task. Although Bootstrap...

How to achieve the effect of mouse scrolling event penetration? When we browse the web, we often encounter some special interaction designs. For example, on deepseek official website, �...

The default playback control style of HTML video cannot be modified directly through CSS. 1. Create custom controls using JavaScript. 2. Beautify these controls through CSS. 3. Consider compatibility, user experience and performance, using libraries such as Video.js or Plyr can simplify the process.

Potential problems with using native select on mobile phones When developing mobile applications, we often encounter the need for selecting boxes. Normally, developers...

What are the disadvantages of using native select on your phone? When developing applications on mobile devices, it is very important to choose the right UI components. Many developers...

Use Three.js and Octree to optimize collision handling of third-person roaming in the room. Use Octree in Three.js to implement third-person roaming in the room and add collisions...

Issues with native select on mobile phones When developing applications on mobile devices, we often encounter scenarios where users need to make choices. Although native sel...

Exploring the implementation principle of mouse scrolling events When browsing some websites, you may notice that some page elements still allow scrolling the entire page when the mouse is hovering...


Hot AI Tools

Undresser.AI Undress
AI-powered app for creating realistic nude photos

AI Clothes Remover
Online AI tool for removing clothes from photos.

Undress AI Tool
Undress images for free

Clothoff.io
AI clothes remover

Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Article

Hot Tools

SublimeText3 Linux new version
SublimeText3 Linux latest version

VSCode Windows 64-bit Download
A free and powerful IDE editor launched by Microsoft

Dreamweaver CS6
Visual web development tools

Dreamweaver Mac version
Visual web development tools

WebStorm Mac version
Useful JavaScript development tools
