Last updated: 16 Sep 2020
Framework versions tested: 16
Node.js is an extremely popular and open-source JavaScript runtime environment to create server-side applications.
For the purposes of this tutorial, we will be creating a simple "Hello World" Express.js app. It simply contains an app.js file with the following code:
const express = require('express')
const app = express()
const port = 3000
app.get('/', (req, res) => {
res.send('Hello World!')
})
app.listen(port, () => {
console.log(`Example app listening at http://localhost:${port}`)
})
If you haven't tried Jscrambler out before reading this tutorial, please consider reading the Getting Started Guide, which will walk you through the steps on how to protect your application. This will make this section easier to grasp. It will also teach you how to configure Jscrambler and use a custom configuration.
To complete the integration with Jscrambler, you need a JSON configuration file with your API credentials, application ID, and protection configuration. You may create your transformations recipe using the Jscrambler Web application and download a JSON configuration file.
You can integrate Jscrambler into your Node.js app's build process using Grunt or Gulp.
Install the Jscrambler Grunt plugin:
Add the following lines to the bottom of Gruntfile.js:
grunt.loadNpmTasks('grunt-jscrambler');
grunt.registerTask('default', ['jscrambler']);
Next, specify the task itself using some parts of the jscrambler.json file downloaded earlier: accessKey, secretKey, applicationId, and the params array.
Your final Gruntfile.js file should look similar to this:
module.exports = function(grunt) {
grunt.initConfig({
pkg: grunt.file.readJSON('package.json'),
jscrambler: {
main: {
options: {
keys: {
accessKey: 'YOUR_ACCESS_KEY',
secretKey: 'YOUR_SECRET_KEY'
},
applicationId: 'YOUR_APPLICATION_ID',
"params": [
{
"name": "objectPropertiesSparsing"
},
{
"name": "variableMasking"
},
{
"name": "whitespaceRemoval"
},
{
"name": "identifiersRenaming",
"options": {
"mode": "SAFEST"
}
},
{
"name": "globalVariableIndirection"
},
{
"name": "dotToBracketNotation"
},
{
"name": "stringConcealing"
},
{
"name": "functionReordering"
},
{
"options": {
"freq": 1,
"features": [
"opaqueFunctions"
]
},
"name": "functionOutlining"
},
{
"name": "propertyKeysObfuscation",
"options": {
"encoding": [
"hexadecimal"
]
}
},
{
"name": "regexObfuscation"
},
{
"name": "booleanToAnything"
}
]
},
files: [
{expand: true, src: ['app.js'], dest: 'dist/'},
]
}
}
});
grunt.loadNpmTasks('grunt-jscrambler');
grunt.registerTask('default', ['jscrambler']);
};
You can change src and dest to match your project's requirements.
Next, make sure that your build process is using Grunt in package.json:
"scripts": {
"build": "grunt"
},
Build the application:
npm run build
There you go. The protected files can be found on /dist/.
Install the Jscrambler Gulp plugin:
Edit gulpfile.js adding some parts of the jscrambler.json file downloaded earlier: accessKey, secretKey, applicationId, and the params array.
Your final gulpfile.js file should look similar to this:
var gulp = require('gulp');
var jscrambler = require('gulp-jscrambler');
gulp.task('default', function (done) {
gulp
.src('app/**/*.js')
.pipe(jscrambler({
keys: {
accessKey: 'YOUR_ACCESS_KEY',
secretKey: 'YOUR_SECRET_KEY'
},
applicationId: 'YOUR_APPLICATION_ID',
"params": [{
"name": "objectPropertiesSparsing"
},
{
"name": "variableMasking"
},
{
"name": "whitespaceRemoval"
},
{
"name": "identifiersRenaming",
"options": {
"mode": "SAFEST"
}
},
{
"name": "globalVariableIndirection"
},
{
"name": "dotToBracketNotation"
},
{
"name": "stringConcealing"
},
{
"name": "functionReordering"
},
{
"options": {
"freq": 1,
"features": [
"opaqueFunctions"
]
},
"name": "functionOutlining"
},
{
"name": "propertyKeysObfuscation",
"options": {
"encoding": [
"hexadecimal"
]
}
},
{
"name": "regexObfuscation"
},
{
"name": "booleanToAnything"
}
]
}))
.pipe(gulp.dest('dist/'))
.on('end', done);
});
You can change .src and .pipe(gulp.dest('dist/')) to match your project's requirements.
Next, make sure that your build process is using Gulp in package.json:
"scripts": {
"build": "gulp"
},
Build the application:
npm run build
There you go. The protected files can be found on /dist/.
There are no known problems integrating Jscrambler with Node.js.