- 1. Introduction
- 2. Detering pirates
- 3. Obfuscation
- 4. escape()/unescape() functions
- 5. Hiding obfuscated code
- 6. Requesting code using AJAX
- 7. Session cookies
- 8. Compression and decompression
- 9. Proposed strategy
There are lots of tools available on the web for obfuscating your code. This usually involves stripping all comments, removing white space / new lines and replacing variable names with meaningless symbols. Some obfuscators also use escape sequences to make text strings and numeric values harder to read.
Hiding obfuscated code
Requesting code using AJAX
setRequestHeader('Cache-Control', 'no-cache');is not reliable in all browsers. An alternative is to randomise the AJAX URL using the current time in milliseconds e.g.
'http://www.myserver.com/get.php?sid=' + new Date().getTime();
Compression and decompression
If your main goals are to prevent other websites hosting your game without consent and you want to make it hard for people to steal your code or modify it , then the following strategy may help.
- 2. Serve HTML page with a very short lived cookie to the client.
- 3. The client's onload HTML event executes an AJAX request to the server.
- 4. The server checks the cookie to ensure it is valid.
- 7. 'eval()' is used to run the resulting script.
- 8. Repeat to peel away multiple layers of encryption.