javascript PHP混淆javascript代码的简单方法
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/13764925/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Simple way to obfuscate javascript code by PHP
提问by webchun
I want to give a free download to my web visitor but I will hide the download link until they click the facebook like button. After they like it then jquery will make the button active and add 'href' attribute to the tag, contains path to the file, so then user will be able to click the link and download the file.
我想免费下载我的网络访问者,但我会隐藏下载链接,直到他们点击 facebook like 按钮。在他们喜欢它之后,jquery 将使按钮处于活动状态并向标签添加“href”属性,包含文件的路径,因此用户将能够单击链接并下载文件。
The problem is, user will be able to see the path easily when viewing source of the html in their browser. Is there any easy way in php (I put the javascript codes inside on PHP file) to make a the path is harder to read?
问题是,用户在浏览器中查看 html 的源代码时,可以很容易地看到路径。在 php 中有什么简单的方法(我将 javascript 代码放在 PHP 文件中)使路径更难阅读?
It's fine when people will be able to deobfuscate it. I just want to make it harder to read for non advance user, so then people will consider to like the link instead of finding a way to deobfuscate the code.
当人们能够对其进行反混淆时,这很好。我只是想让非高级用户更难阅读,这样人们就会考虑喜欢这个链接,而不是找到一种对代码进行反混淆的方法。
Thank you
谢谢
回答by T.J. Crowder
The only way to reallydo this properly is, of course, for the button press to make a round-trip to the server to retrieve the URL, via ajax or whatever.
当然,真正正确执行此操作的唯一方法是按下按钮以通过 ajax 或其他方式往返于服务器以检索 URL。
But if you don't want to do that, and just want to obscure it, there are plenty of options. Base-64encoding, for instance, has good support both in PHP and JavaScript, so you could encode the path on the PHP side (with base64_encode) and decode on JavaScript once the button is pressed (using any of several solutions discussed hereon Stack Overflow).
但是,如果您不想这样做,而只想掩盖它,那么有很多选择。例如,Base-64编码在 PHP 和 JavaScript 中都有很好的支持,因此您可以在 PHP 端(使用base64_encode)对路径进行编码,并在按下按钮后在 JavaScript 上解码(使用此处讨论的几种解决方案中的任何一种)堆栈溢出)。
回答by Praveen Kumar Purushothaman
You can try something like this:
你可以尝试这样的事情:
ob_start();
# Insert regular JavaScript here...
$generatedoutput = ob_get_contents();
ob_end_clean();
$generatedoutput = str_replace("\\r\n", "\n", $generatedoutput);
$generatedoutput = str_replace("\\n", "\n", $generatedoutput);
$generatedoutput = str_replace("\\r", "\n", $generatedoutput);
$generatedoutput = str_replace("}\r\n", "};\r\n", $generatedoutput);
$generatedoutput = str_replace("}\n", "};\n", $generatedoutput);
$generatedoutput = str_replace("}\r", "};\r", $generatedoutput);
require('javascriptpacker.php');
$myPacker = new JavaScriptPacker($generatedoutput, 62, true, false);
$packed = $myPacker->pack();
echo($packed);
And add this way:
并以这种方式添加:
<script language="JavaScript" type="text/javascript" src="js.php"></script>
N.B: Originally from sites.google.com/a/vansteenbeek.net/archive/obfuscate_javascript, which is now a 404
注意:最初来自sites.google.com/a/vansteenbeek.net/archive/obfuscate_javascript,现在是404
回答by Tom Hallam
Perhaps you could just store the path server side and have the frontend pass a special code to a remote endpoint once the item has been "liked".
也许您可以只存储路径服务器端,并在项目被“喜欢”后让前端将特殊代码传递给远程端点。
$([however you're binding to the like button]).on('click', function() {
$.getJSON('/download_link.php', {'key': <some unique key>}, function(response) {
if(response.status == 'valid') {
$('<div><a href="' + response.path + '">Download the item now!</a></div>').appendTo('body');
}
else {
alert('invalid security key');
}
});
});
If you're worried about people easily seeing the routine, then go to packer (http://dean.edwards.name/packer/). It's not secure but it will deter your average joe from seeing the code easily.
如果您担心人们很容易看到例程,那么请访问 packer ( http://dean.edwards.name/packer/)。它不安全,但会阻止普通人轻松查看代码。
FYI the code above looks like this when packed:
仅供参考,上面的代码在打包时如下所示:
eval(function(p,a,c,k,e,r){e=function(c){return c.toString(a)};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\b'+e(c)+'\b','g'),k[c]);return p}('$([m h\'9 e l 2 5 6]).7(\'8\', 3() {\n $.b(\'/c.d\', {\'1\': <f g 1>}, 3(0) {\n i(0.j == \'k\') {\n $(\'<4><a n="\' + 0.o + \'">p 2 q r!</a></4>\').s(\'t\');\n }\n u {\n v(\'w x 1\')}})});',34,34,'response|key|the|function|div|like|button|on|click|re||getJSON|download_link|php|binding|some|unique|you|if|status|valid|to|however|href|path|Download|item|now|appendTo|body|else|alert|invalid|security'.split('|'),0,{}))
You'll need to return the following from the download_link.phpfile:
您需要从download_link.php文件中返回以下内容:
<?php
if(valid_key($_REQUEST['key'])) {
header('Content-Type: application/json');
echo json_encode(array('status' => 'valid', 'path' => generate_secret_path()));
}
?>
Hope that helps.
希望有帮助。
回答by Nathan Wall
There are lots of ways to do what you want. Here's a simple algorithm that can build a URL. You can use this as inspiration. The following algorithm builds the URL "http://www.google.com/"
有很多方法可以做你想做的事。这是一个可以构建 URL 的简单算法。你可以以此为灵感。以下算法构建 URL"http://www.google.com/"
var url = [
72, 84, 84, 80, 26, 15, 15, 87,
87, 87, 14, 71, 79, 79, 71, 76,
69, 14, 67, 79, 77, 15
].map(function(u) {
return String.fromCharCode(u + 32);
}).join('');
console.log(url);
