CODEWITHSUNDEEP
javascriptasp.netasp.net-mvcminifybundling-and-minification
BenjiFB
BenjiFB

Reputation: 4721

Prevent circumventing ASP.NET minification

I've got some ASP.NET that I'm deploying as an Azure cloud service. The javascript files have comments in them that I'd like not to be visible to anyone consuming the JS. I'm taking advantage of ASP.NET bundling and minification:

http://www.asp.net/mvc/overview/performance/bundling-and-minification

This seems to be a nice solution in that it removes all comments during the minifcation process. But I can't count on the fact that the user won't directly point his or her browser directly to the individual, original js files. I'm trying to figorue out how to prevent the user from pulling the js files directly (forcing them to pull only a bundle), in order to prevent viewing comments. Is there a way to implement a black list of files that can't be downloaded? If not, I was thinking of adding a series of random characters to the name of each js file. Lastly, if that doesn't seem like a good idea, I would investigate injecting something into the VS build process to strip comments on publish.

Any thoughts would be welcome.

Upvotes: 2

Views: 105

Answers (2)

iceburg
iceburg

Reputation: 1768

You can use blockviewhandler in a web.config in the folder your js is in. Explicitly whitelist any files that are OK to download and then block the rest.

There's an example in this question: Where to put view-specific javascript files in an ASP.NET MVC application?

Upvotes: 2

rasharasha
rasharasha

Reputation: 301

I think you can modify your deployment process. To your production server upload only the minified js files but to your test/dev server upload everything.

Upvotes: 2

Related Questions