Profiling

Introduction

Disclaimer: Before using Profiling, protect your application and verify that performance is an issue (if it isn't, then there is no reason to profile the application).

Some applications tend to perform poorly once they are protected with costly templates or transformations. However, switching to lower-cost alternatives may excessively reduce the quality of the protection. A compromise can be reached by using performance-sensitive templates on the small portions of the application that take the longest time to execute, while still using security-sensitive templates on the vast majority of the code that executes too quickly or infrequently to be a performance hazard.

To achieve this, Jscrambler users should use the Application Profiling feature, by running their application while Jscrambler automatically determines the best templates to apply to each function. Please note that users can still fine-tune the results to better suit their purposes.

Profiling Modes

You have two ways available to enable profiling recommendations when protecting your application:

  • Automatic: Profiling recommendations are automatically added to the protection in this mode. Best used to quickly assess the performance improvements introduced by profiling. Also, if running profiling before (every) application protection is not a problem for you, this is the way to go;
  • Annotations: Profiling recommendations are consumed through code annotations only. The code annotations are created by the profiling and can be persisted into your source code. Best used if you only want to run profiling once;
  • Off: Disables profiling recommendations. When performance is not an issue for your protected application, this is the way to go;

Pros and Cons

Pros and cons of each profiling mode.

Profiling Mode Pros Cons
Annotations + Profiling information is persisted alongside your source code
+ Source code changes are harmless
+ Integration in your CI/CD doesn't require to run profiling
- Requires a one-time manual step
Automatic + Quick way of evaluating the performance results
+ Integration in your CI/CD provides up-to-date results
- Source code changes might impact the Profiling information
- Requires a pre-protection step in your CI/CD process

Next, we provide documentation on the available ways to use application profiling, according to your development scenario.