You can't prevent anyone from looking at your javascript code. Its basically the same as html in that way. You can make it very difficult to decipher, aka obfuscation, but you really gain nothing from this.

您无法阻止任何人查看您的 javascript 代码。它在这种方式上与 html 基本相同。你可以让破译变得非常困难，也就是混淆，但你真的没有从中得到任何好处。

If you have application critical code that for whatever reason you feel is mission critical, design your web app in such a way that the "protected" code is run on the server. Communicate to the front-end (the browsers) using xhr requests that are only passing state data back and forth.

如果您的应用程序关键代码无论出于何种原因您认为是关键任务，请以“受保护”代码在服务器上运行的方式设计您的 Web 应用程序。使用仅来回传递状态数据的 xhr 请求与前端（浏览器）通信。

This is not possible, as the browser needs to understand your javascript when it arrives, hence a human can understand it too.

这是不可能的，因为浏览器需要在它到达时理解您的 javascript，因此人类也可以理解它。

To make our web app more efficient we decided to compress(YUI for JS and CSS) and put all the main resources in the HTML page inline(HTML, CSS and JS) a shell script does that automatically during the deployment.

为了使我们的 Web 应用程序更高效，我们决定压缩（用于 JS 和 CSS 的 YUI）并将所有主要资源放在 HTML 页面内联（HTML、CSS 和 JS）中，shell 脚本会在部署期间自动执行此操作。

As an unexpected result, if you view the source of our app, you get a pretty unreadable ~250kb string.
This won't stop the guy that really want to get your code, but it will discourage many.

一个意想不到的结果是，如果您查看我们应用程序的源代码，您会看到一个非常难读的 ~250kb 字符串。
这不会阻止真正想要获取您的代码的人，但会使许多人望而却步。

You can compress your javascript. Yahoo provides online tool to compress your file. It also supports variable replacement i.e. to replace your logical function name, variable name by a, b, c etc. to protect your client side business logic.

您可以压缩您的 javascript。雅虎提供在线工具来压缩您的文件。它还支持变量替换，即用 a、b、c 等替换您的逻辑函数名、变量名，以保护您的客户端业务逻辑。

http://refresh-sf.com/yui/

http://refresh-sf.com/yui/

You cannot "protect" your JavaScript because it is client side, the best you can do is to verify any user input server side to make sure users have not injected any malicious code or attempted any form of XSS (Cross Site Scripting). It is very important to verify server side, especially since a person could inject code into a poorly made site with nothing but FireBug. Basically you need to make sure you never write a string back that the user has entered until that string has been encoded. There is more to security than encoding user strings, but that fixes many security holes by itself.

你不能“保护”你的 JavaScript，因为它是客户端，你能做的最好的事情是验证任何用户输入服务器端，以确保用户没有注入任何恶意代码或尝试任何形式的 XSS（跨站点脚本）。验证服务器端非常重要，特别是因为一个人可以将代码注入一个制作不良的站点，除了 FireBug 什么都没有。基本上你需要确保你永远不会写回用户输入的字符串，直到该字符串被编码。除了对用户字符串进行编码之外，安全还有更多，但这本身就修复了许多安全漏洞。