Hide FullCalendar schedulerLicenseKey in page

Question

My company recently purchased the Full-Calendar Scheduler addon. Is there a proper way to hide the license key in code? What are good practices for this?

Answer 1

valid for open source project schedulerLicenseKey: 'GPL-My-Project-Is-Open-Source'

Answer 2

use 'valid' key, then your problem will be disappeared. I have some case too, then using that valid key, my problem solved.

Answer 3

Old question, but since I just came across the same issue, I thought I'd share my 2c. IMHO the best thing to do is never expose the key directly in the code. Instead, store it in some back-end configuration file or even a database field, and read it and assign it dynamically in the front-end. Granted, in the end someone willing enough can still reverse engineer the front-end code and read it (assuming they can log in to the application), but the key will never be that easy to read, as in committed with the rest of the code in your repo.

In short, best practice is to never store license keys in the code.

Answer 4

Use this code. it works under Scheduler GPL license without charges

$('#calendar').fullCalendar({
  schedulerLicenseKey: 'GPL-My-Project-Is-Open-Source'
});

Answer 5

You're right, there's no way to completely hide the schedulerLicenseKey from someone malicious wanting to steal it, however, a thief could much more easily use the universal GPL license key if they wanted a warning-free version of Scheduler, so it's a moot point.

In essence, the actual characters of the license key are not that secret. The license key is mainly used to know when to prompt the developer that they have upgraded past their allowed version upgrade window. Beyond this, it is essentially an honor system. This is why not much attempt is made to encrypt/validate the key.