Block js file access from webpage source

Question

I have some js files which should not be viewed by any users accessing my website i.e I don't want the contents of the js files to show up on the page source. The data is important so i don't want users to access at all. Is there any way i can do this ? Or is there any way to encrypt the js file so that I can still access the data inside, but not the users ? Or can I do some safe redirection on clicking the js file ?

Answer 1

It is not possible to block javascript file access from webpage source code and you are saying that there is some data which needs to be protected.

You can store the data at server and fetch it using AJAX call so that you no need to worry when the user checks your source code.

But still your problem is not solved because we can monitor AJAX calls and see the response. I think the only solution to your problem is to encrypt your data at server and send it to the client. Your client should be able to decrypt the data.

For encryption/decryption, most of the developers use AES and to exchange the key use Extended Diffie Hellman Key Exchange algorithm

Users can still monitor XHR requests and see the response but the response is encrypted.

If you feel, your source code is also need to be protected then go for obfuscators.

Check this jscrambler

Answer 2

You can't deny access to your JS files but you may consider minifying/obfuscating your JS files to make harder for people to understand.

Check these minifier/obfuscator

• http://javascriptobfuscator.com/default.aspx
• http://developer.yahoo.com/yui/compressor/
• http://closure-compiler.appspot.com/home
• http://www.daftlogic.com/projects-online-javascript-obfuscator.htm

Answer 3

Obviously that's not possible - what's available for the browser is also available to you. If users shouldn't be able to access data, don't send it to them but keep it on the server.

Besides that, I guess your JS is not that valuable anyway...