prevent people from stealing your work. This tool is a Web UI to the excellent (and open source)
created by Timofey Kachalov.
|Compact Code||Removes line breaks from the output obfuscated code.|
|Identifier Names Generator||
Use this option to control how identifiers (variable names, functions names, etc) will be obfuscated.dictionary
Generates identifier names using names from
Generates random identifier names using a hexadecimal pattern (e.g:
Uses short identifier names (e.g:
This options sets identifiers list for
This options makes all global identifiers have a specific prefix.
Use this option when obfuscating multiple files that are loaded on the same page. This option helps to avoid conflicts between global identifiers of these files. Use a different prefix for each file.
Enables the obfuscation of global variables and function names with declaration.
requires the Compact Code setting.
|Control Flow Flattening||
|Dead Code Injection||
requires the String Array option.
This feature splits literal strings into chunks with length of the
Removes string literals and place them in a special array. For instance the string "Hello
See the options below on how to configure this feature be more or less resilient.
|Transform Object Keys||
Transforms (obfuscates) object keys.
For instance, this code
ideally used with the String Array setting.
|Escape Unicode Sequence||
Converts all the strings to their unicode representation. For instance, the string
This convertion is pretty easy to revert, and will increase the obfuscated code size greatly. It's not recommended on larger code bases.
|Disable Console Output||
Disables the use of
This option makes it almost impossible to use the Console tab of the Developer Tools (both on Google Chrome and Mozilla Firefox).
Locks the obfuscated source code so it only runs on specific domains and/or sub-domains. This makes really hard for someone just copy and paste your source code and run elsewhere.Multiple domains and sub-domains
It's possible to lock your code to more than one domain or sub-domain. For instance, to lock
it so the code only runs on www.example.com add
Disables obfuscation and generation of identifiers, which being matched by passed RegExp patterns.
For instance, if you add
Disables transformation of string literals, which being matched by passed RegExp patterns.
For instance, if you add
Source maps can be useful to help you debug your obfuscated Java Script source code. If you want or need to debug in production, you can upload the separate source map file to a secret location and then point your browser there. Read more about source maps on the Google Chrome Developer Tools website.Inline Source Map
This embeds the source map of your source in the result of the obfuscated code. Useful if you just want to debug locally on your machine.Separate Source Map
This generates a separate file with the source map. Useful to debug code in production, as this enables you to upload the source map to a secret location on your server and then point your browser to use it.
Use the Source Map Base URL and Source Map File Name to
For instance, if you set the Base URL to
By default (
You can set the target environment of the obfuscated code to one of the following:
There're a numerous reasons why it's a good idea to protect your code, such as:
No, while it's impossible to recover the exact original source code, someone with the time, knowledge and patience can reverse-engineer it.
Because the obfuscator introduces new pieces of code that are meant to protect and defend against
debugging and reverse-engineering. Also strings are converted to
\xAB hexadecimal code to
make things a little bit harder to understand. You don't have to worry too much about code size because
since there're a lot of repetition, the obfuscated code will be compressed extremely well by your
webserver (if you have GZIP compression enabled on your server, which most do nowadays).
No, it's not recommended and in some cases it'll break the code (such as if you enable self-defending). You can run your code through a minifier before to make sure that it removes dead code and do other optimizations, though.
No. The source is processed by our application server, then to the obfuscator and back to the browser, so it only stays on our server memory for a brief period of time (usually milliseconds).
No, it's impossible to revert the obfuscated code back to your original code, so keep the original safe.
Sure. This tool uses a free and open source (BSD-2-Clause licensed) obfuscator written in TypeScript. You can go to its GitHub page and read more there.
Also, this web app is open-source as well. Check out our GitHub.
If you're interested in just uglyfing and compressing your code, I suggest JSCompress.com.