Solutions
By Need
JavaScript Protection
Magecart Mitigation
Mobile App Protection
Data Leakage Prevention
Third Party Control
Customer Hijacking Prevention
User Data Protection & Compliance
By Sector
Financial Services
IT & Software
E-Commerce
Healthcare
Media & OTT
Gaming & Gambling
Products
Code Integrity
Application Shielding
Runtime Protection
JavaScript Threat Monitoring
Webpage Integrity
Webpage Inventory
Third Party Management
User Data Management
Webpage Threat Mitigation
Resources
Partners
Docs
Blog
Learning Hub
Help Center > Code Integrity > Documentation > Code Hardening

Code Hardening

Code Hardening protects the application from reverse engineering and automated/manual deobfuscation by making transformations more resilient and consecutively strengthening the application integrity.

How it works by default

When protecting your application, Code Hardening is implicitly included in all protection transformations. However, it won't target all JavaScript application files.

In order to reduce the impact in the file size growth, Code Hardening is only implicitly included in files that match the following criteria:

  • Single file applications will always be targeted
  • Otherwise, if the application has multiple JavaScript files
    • Only targets files with file size greater or equal to 5KB
    • And files which do not contain the word vendor in their file path (i.e. vendor-1.4.js, vendor/app.js, etc)

It is possible to customize Code Hardening behavior using Jscrambler's CLI or by means of Code Annotations. This overrides the default rules.

Usage with the API

Situations may arise where the user wants Code Hardening to target files with different file size (by default >= 5KB), in order to do that, users can set the --code-hardening-threshold flag through the Jscrambler CLI or the codeHardeningThreshold property on the Jscrambler configuration file.

Examples

Let's consider an application with several JavaScript files smaller than 5KB and that the user wants to target every file with a file size equal to or greater than 2KB. By default those files would be ignored; to override this behavior, there are 2 options:

  • Use the --code-hardening-threshold=2kb flag on the CLI.
jscrambler -c jscrambler.json --code-hardening-threshold=2kb
  • Set codeHardeningThreshold on the jscrambler.json file
{
    ...
    "codeHardeningThreshold": "2kb"
}

To protect all the application's JavaScript files despite their file size, the user can set the codeHardeningThreshold value to 0, which will have the desired effect.

jscrambler -c jscrambler.json --code-hardening-threshold=0

Or

{
    ...
    "codeHardeningThreshold": 0
}

Alternatively, if you want to disable Code Hardening on every file, you can set codeHardeningThreshold to a big value (e.g., 100mb) to make sure that every file in your application is smaller than the threshold.

By setting the codeHardeningThreshold value, even vendor files will be targeted as long as their file size is greater or equal than the set threshold.

Code Annotations

If you want to make sure that Code Hardening is (or is not) applied to a specific JavaScript file, you should use code annotations.

For instance, if you want to enforce Code Hardening, add the following code annotation to the beginning of the file:

// @jscrambler global enable codeHardening

In the other hand, if you want to disable it, use this code annotation:

// @jscrambler global disable codeHardening

Default rules are always ignored when using code annotations.