Solutions
By Need
JavaScript Protection
Magecart Mitigation
Mobile App Protection
Data Leakage Prevention
Third Party Control
Customer Hijacking Prevention
User Data Protection & Compliance
By Sector
Financial Services
IT & Software
E-Commerce
Healthcare
Media & OTT
Gaming & Gambling
Products
Code Integrity
Application Shielding
Runtime Protection
JavaScript Threat Monitoring
Webpage Integrity
Webpage Inventory
Third Party Management
User Data Management
Webpage Threat Mitigation
Resources
Partners
Docs
Blog
Learning Hub
Help Center > Code Integrity > Documentation > Transformations > OS Lock

OS Lock

Potency Medium
Resilience Medium
Cost Medium
Tags: os, lock, operating system

Description

OS Lock locks code to a list of operating systems. This will ensure that the code will only work in one of the allowed operating systems. This is a good transformation to enforce applications to a specific platform. Countermeasures can be specified (optionally) to be executed when the code runs in any other operating system.

Consider combining this transformation with obfuscation transformations to harden the resulting code making it more resilient to automated de-obfuscator tools and harder to understand by a human. You may also find useful to combine this transformation with other locks:

Code Annotation Example

// @jscrambler define osLock {oses: [windows], countermeasures: {deleteCookies: 1, redirect: /logout}} as ol1
// @jscrambler enable ol1

Option Types

Name Required Default Value Description
toleratePoisoning No N/A Avoid poisoning detection
oses Yes N/A List of OSes where the code is allowed to run.
countermeasures Yes {"deleteCookies": false,"breakApplication": true,"realTimeNotifications": false,"dataExfiltrationPrevention": false,"selfDestruct": false} List of available countermeasures

Countermeasures

Name Description
customCallback Name of the function to be called as a countermeasure.
deleteCookies Deletes all the cookies accessible via JavaScript.
redirect Redirects the user to a specific URL.
breakApplication Breaks the application's functionality.
realTimeNotifications Sends a notification when a violation occurs.
dataExfiltrationPrevention Prevents a malicious actor from carrying out an unauthorized data transfer by blocking network requests.
selfDestruct Attempts to damage the state and behavior of the application and/or the environment that is running the application.

Browser Compatibility

Browser Compatible Versions Tested Versions Notes
Chrome 80+ 80+
Firefox 90+ 90+
Internet Explorer 9+ 8+
Microsoft Edge 116+ 116+
Safari 13.1+ 13.1+

API Parameters

Example:

{
  "keys": {
    "accessKey": "XXXXXX",
    "secretKey": "YYYYYY"
  },
  "applicationId": "ZZZZZZ",
  "params": [
    {
      "name": "osLock",
      "options": {
        "toleratePoisoning": "VALUE",
        "oses": [
          "linux",
          "windows",
          "osx",
          "tizen",
          "android",
          "ios",
          "chromeos",
          "playstation"
        ],
        "countermeasures": {
          "customCallback": null,
          "deleteCookies": false,
          "redirect": null,
          "breakApplication": true,
          "realTimeNotifications": false,
          "dataExfiltrationPrevention": false,
          "selfDestruct": false
        }
      }
    }
  ]
}