Original source: http://stackoverflow.com/questions/2060984/
Warning: these are provided under the CC BY-SA 4.0 license. You are free to use/share it, but you must attribute it to the original authors (not me): StackOverFlow
How can I encrypt JavaScript code so that it's not decryptable?
Asked by James Skidmore
I have some JavaScript code I need to encrypt, but I want to be sure no one can decrypt it.
What tools can I use to do this?
-- Edit --
I still want to run the code on my site, I just want to make sure no one else can decrypt the code.
Answered by Pascal MARTIN
The Javascript code is executed in the browser, i.e. on the client side, which means it must be available not-encrypted on the client side.
The "best" you can do is probably to minify it, which will make it harder to understand -- and a bit of obfuscation might do too -- even if someone really motivated will still be able to read it.
See for instance the YUI Compressor, which can both minify and obfuscate JS code.
Answered by BlueRaja - Danny Pflughoeft
If you truly want to encrypt it so that no one else can decrypt it, you could use one of any number of encryptions. For instance, to do it manually, you could use TrueCrypt; or to do it programmatically, use the encryption libraries available in most languages.
If what you are really asking, though, is how to obfuscate the code so that no one can reverse-engineer it, the answer is: you can't, not in Javascript or any other language. The best you can do is make it more difficult on the reverse-engineers by making it hard to read; for that, there are any number of tools:
Answered by Daniel A. White
There is no way to do that. You can obscure it and have some domain checking code in it. Or you could have it served with a server-side script that checks the referring domain.
Answered by jpsimons
I think you're confusing encryption with compiled binary.
Not even commercial closed-source software such as Microsoft Office or Adobe Photoshop are encrypted for distribution. But they are compiled to native machine code, which makes them hard to reverse engineer.
JavaScript has no such thing as a compiled binary. But, as more and more browsers move to bytecode compilation to achieve faster performance, we may someday have a compiled JavaScript source format. Perhaps, analogous to Python's .py and .pyc files, maybe we'll have a .jsc or JavaScript Compiled file, that can be delivered to the browser in binary form, to run in its JavaScript virtual machine.
No such thing exists yet though. And even if it did, this is just a more intense obfuscation. Obfuscation is fine for preventing casual copying and sharing, but if you really need to protect your intellectual property, move the logic server-side.
Answered by Breton
What you want is theoretically and practically impossible. People will tell you here that it is not possible and you might think "Well, that's because nobody has tried hard enough". No. It's impossible in the same way that calculating the nth prime number in linear or constant time is impossible. It's impossible in the same way that the halting problem is impossible to solve. "What do you mean 2+2 doesn't equal five? You're not trying hard enough!"
Not only is it impossible though, but the motivations for wanting this sort of thing are normally pretty misguided. It's always a fundamental mistake to attempt to use technology to solve a problem that is fundamentally a legal problem. You want to protect your code from "pirates" or competitors, perhaps? It's not likely that you've written anything particularly worth stealing, but if you have, and you don't want people to steal it, then your only true recourse is the rule of law.
However, on a larger level, your problem is not likely going to be competitors or pirates stealing your code. Your problem is going to be business oriented: Gaining an audience through making a quality product, and the right price, and with sufficient marketing. You do that right, someone stealing your code doesn't matter. You do it right, and having the "authentic original" will appear to have real value. In fact, if you release your stuff open source, it can only really help you, because then you have an army of interested amateurs working for you for free, potentially. Piracy and reverse engineering is actually a godsend because it means people are interested enough in your product to want to improve it. The best thing is to do whatever you can to let that happen.
If your business really does depend on keeping some javascript secret, then you've basically made a mistake in your business plan at stage 1.
If your business is selling a javascript library (such things exist!), then you're no worse off than any other seller of software. The best thing to do is to market it towards honest businesses that have no problem with giving you money. The people that pirate your stuff had no intention of paying you anyway- and get the fundamental disadvantage that they don't get your technical support, or regular maintenance updates.
If this is not a business effort, then I really have no idea why you're even bothering. Proper credit?
Answered by mynameiscoffey
There is no way to do so because at the end of the day, the code still has to run, unencrypted, on the client machine, which means the routine to decrypt the code has to be sent alongside the encrypted code. You're handing them both the lock and the key, all they have to do is turn.
Your best bet is to run it through an obfuscator, but even then, it's not like somebody won't be able to just rewrite it themselves without the need to attempt to read your code anyway.
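Added example (not part of the original answers): a toy "encrypting packer" showing why shipping the decoder and key with the ciphertext gives no confidentiality. All names (packScript, loader, runInPage, recoverSource), the sample source and the key are constructed for illustration, and XOR stands in for whatever cipher a real packer would use.

```javascript
// Added illustration: a toy "encrypting packer" for a browser script.
// Every name here is hypothetical; SECRET_SOURCE and KEY are constructed samples.
const SECRET_SOURCE = 'function price(qty) { return qty * 42; }';
const KEY = 'k3y-shipped-in-page';

const enc = new TextEncoder();
const dec = new TextDecoder();

// XOR with a repeating key; applying it twice restores the input.
function xorBytes(bytes, keyBytes) {
  return bytes.map((b, i) => b ^ keyBytes[i % keyBytes.length]);
}
const toHex = (u8) => Array.from(u8, (b) => b.toString(16).padStart(2, '0')).join('');
const fromHex = (hex) => Uint8Array.from(hex.match(/../g) || [], (h) => parseInt(h, 16));

// Server side: produce what gets sent. The key has to travel with the
// ciphertext, otherwise the browser could not run the script.
function packScript(source, key) {
  return { payloadHex: toHex(xorBytes(enc.encode(source), enc.encode(key))), key };
}

// Client side: decode, then pass the plaintext to a sink.
function loader(bundle, sink) {
  const plain = xorBytes(fromHex(bundle.payloadHex), enc.encode(bundle.key));
  return sink(dec.decode(plain));
}

// The intended sink compiles and executes the decoded source.
function runInPage(bundle) {
  return loader(bundle, (src) => new Function(src + '; return price(2);')());
}

// Any visitor can call the same loader with a sink that just returns the text.
function recoverSource(bundle) {
  return loader(bundle, (src) => src);
}

const bundle = packScript(SECRET_SOURCE, KEY);
console.log(bundle.payloadHex.slice(0, 32) + '...'); // unreadable on the wire
console.log(runInPage(bundle));
console.log(recoverSource(bundle) === SECRET_SOURCE);
```

Swapping XOR for a strong cipher changes nothing here: the plaintext must exist in the client at the moment it is executed, so logic that has to stay secret belongs on the server.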
Answered by jschmier
While not actually encrypted, Yahoo's YUI Compressor will compress and obfuscate your JavaScript for normal use and provides better compression than JSMin.
Answered by Andris
Microsoft used to provide Script Encoder to encode your JavaScript (and ASP and VBScript etc.) but the encoded script only worked in Internet Explorer so it was a big no-no (link)
Nowadays only obfuscation is an option. But you can break any obfuscation with tools like the Online JavaScript Beautifier so you're out of luck. You can minimize and you can obfuscate but you truly can't hide what you are doing.
The best minimizer/obfuscator is probably Google Closure Compiler - it's very advanced and might turn your code into something very hardly understandable.
Answered by Sasha Chedygov
What you're looking for is obfuscation, not encryption. There are tools such as JSMin and the YUI Compressor that will make your code very unreadable, to the point where no one would want to try to make sense of it. However, there is no way to make it so that someone can't copy and paste it onto their own website and run it there. I wouldn't worry about it, honestly, because you'd be wasting your time trying to protect something that can't be protected. Try putting all your "important" logic on the server-side, if possible, because that's the only foolproof way to do it. If the browser can access it, so can anyone else.
Answered by Do Nhu Vy
Use this tool: Javascript Obfuscator https://javascriptobfuscator.com/Javascript-Obfuscator.aspx

