node.js obfuscate tool for client-side files

Question

I am looking for something like this tool or similiar: http://javascriptobfuscator.com/Javascript-Obfuscator.aspx

but as a module for node.js, so you can obfuscate client-side js file before sending them.

The tool from url above do few things but most important is that it changes strings between quotes and variable names to unreadable form.

I've tried to write code for only encoding strings, but it makes my code broken:

var output = str.replace(/(")(([^"\\]|\\.)+)(")/gi, function(match, p1, p2, p3, p4) {
     return p1 + someEncodingFunc(p2) + p4;
});

EDIT:

Thanks to robertklep I've found Confusion module. It does almost good job. Maybe someone can help me with this issue? https://github.com/uxebu/confusion/issues/1

You can see problem in this code output from project page:

(function(_x24139) {
  a[_x24139[0]](called[_x24139[1]](_x24139[2]));
  an[_x24139[3]](_x24139[4], _x24139[5], _x24139[6]);
}).call(
  this,
  ["property", "with", "a string literal", "other", "call", "is", "here"]
);

All I need is to obfuscate these strings in array. I noticed that if there is any utf8 character in string, then it will be obfuscate to \uXXXX form. But only utf8. If that would obfuscate ascii to \xYY form as well.. basically all characters.

Answer 1

Why don't you try JScrambler instead?. Not only it has much more source code transformations that target both strings and control-flow, but it also has a bunch of code traps and a runtime protection called Self-defending. Also, it worked out of the box for me. They claim to be compliant with every JS lib out there and right now they are the only solution AFAIK that officially supports Node.js:
Jscrambler Compliance Report

I don't think Uglify is a good option. It's a code optimizer, not meant to protect your code. It does rename variables and functions, but that is too weak of a protection to consider.