Hi Stephen, As David said, obfuscates would be a first step to protecting your code. UglifyJS already munges several special cases for more efficient code, making it harder to reverse it. The next step would be Google Closure in advanced mode, which is a one-way transformation.
The final and most protected path for you would be Emscripten. Writing your business critical modules (like API client or Encryption) in C++ and compiling them to JavaScript (or even asm.js).The result resembles byte code, using typed arrays as memory. We are working on ideas for protecting API keys, as it's a request often coming up with app partners. I'd be happy to hear input on that from this list! --- Harald Kirschner | Mozillian Partner & Labs Craftsman | [email protected] (mailto:[email protected]) On Monday, March 4, 2013 at 9:16 AM, David Clarke wrote: > Steve, > The web is built on html / javascript / css, and generally there are lots of > different implementations for websites, games, blogs, video / picture > sharing, social networks, and they all use this same standard. > > You have multiple ways to deliver your app to the end user. You can package > your entire app up, and deliver it as a bundle of html /js / css. > https://developer.mozilla.org/en-US/docs/Apps/Packaged_apps or you can have > your app hosted on the web and installed by the end user. > > The good thing about the web is you can take snippets, learn how someone else > created a css transition, or animation. There is never a shortage of people > who would try to clone your software and release a similar app, however I > don't think this has been a problem for the web, and don't really think > you'll have much of a problem on mobile. > > Also, there are several tools out there that you can use to obfuscate / > minimize your css /js which for your purposes should make your actual code > harder to decipher, but not harder to copy. > > -David > > > ----- Original Message ----- > From: "Stephen Cunliffe" <[email protected] > (mailto:[email protected])> > To: [email protected] (mailto:[email protected]) > Sent: Monday, March 4, 2013 8:59:10 AM > Subject: source code access > > One of the biggest concerns on other mobile platforms is access to source > code/piracy. > > When an app is placed in the Firefox OS marketplace (or other store) and > users can download/purchase it... do the (savvy) end users have access to the > underlying source code? or is the content placed on their device in a folder > that they don't have typical read access to thus can't see the actual code > (e.g. steal it & clone) or copy the app to another device (e.g. piracy)? > > Thanks, > Steve > _______________________________________________ > dev-webapps mailing list > [email protected] (mailto:[email protected]) > https://lists.mozilla.org/listinfo/dev-webapps > _______________________________________________ > dev-webapps mailing list > [email protected] (mailto:[email protected]) > https://lists.mozilla.org/listinfo/dev-webapps > > _______________________________________________ dev-webapps mailing list [email protected] https://lists.mozilla.org/listinfo/dev-webapps
