After inspecting the history of that line, my main conclusion is that there has been some incompetent programming at work. That line is gratuitously convoluted. The general form a? true : b for boolean a, b is equivalent to the simple a || b The surrounding negation and excessive parentheses convolute things further. Keeping in … Read more
Working with content and attr in CSS: .cryptedmail:after { content: attr(data-name) “@” attr(data-domain) “.” attr(data-tld); } <a href=”#” class=”cryptedmail” data-name=”info” data-domain=”example” data-tld=”org” onclick=”window.location.href=”https://stackoverflow.com/questions/483212/mailto:” + this.dataset.name + ‘@’ + this.dataset.domain + ‘.’ + this.dataset.tld; return false;”></a> When javascript is disabled, just the click event will not work, email is still displayed. Another interesting approach (at least … Read more
but they can all be worked around and or figured out by code analysists given the right time frame. If you give people a program that they are able to run, then they will also be able to reverse-engineer it given enough time. That is the nature of programs. As soon as the binary is … Read more
You can try PHP protect which is a free PHP obfuscator to obfuscate your PHP code. It is very nice, easy to use and also free. EDIT: This service is not live anymore. As for what others have written here about not using obfuscation because it can be broken etc: I have only one thing … Read more
The line: while( a[ 0xFULL?’\0′:-1:>>>=a<:!!0X.1P1 ] ) contains the digraphs :> and <:, which translate to ] and [ respectively, so it’s equivalent to: while( a[ 0xFULL?’\0′:-1 ] >>= a[ !!0X.1P1 ] ) The literal 0xFULL is the same as 0xF (which is hex for 15); the ULL just specifies that it’s an unsigned long … Read more
Let’s see: “https://stackoverflow.com/” / “https://stackoverflow.com/” means the char literal /, divided by the char literal “https://stackoverflow.com/” itself. The result is one, which sounds reasonable for TRUE. And ‘-‘ – ‘-‘ means the char literal ‘-‘, subtracted from itself. This is zero (FALSE). There are two problems with this: first, it’s not readable. Using 1 and … Read more
Other answers here work fine, but AES is a more secure and up-to-date encryption algorithm. This is a class that I obtained a few years ago to perform AES encryption that I have modified over time to be more friendly for web applications (e,g. I’ve built Encrypt/Decrypt methods that work with URL-friendly string). It also … Read more
You can’t. There are steps you can take to make it a little more difficult, but ultimately any executable on the local machine is crackable. Eventually, that code has to be converted into native machine code and every application that is runnable is vulnerable. What you want to do is just make it difficult enough … Read more
“Is there a good way to handle this problem?” No. Nothing can be protected against reverse engineering. Even the firmware on DVD machines has been reverse engineered and the AACS Encryption key exposed. And that’s in spite of the DMCA making that a criminal offense. Since no technical method can stop your customers from reading … Read more
Obfuscation: Try YUI Compressor. It’s a very popular tool, built, enhanced and maintained by the Yahoo UI team. You may also use: Google Closure Compiler UglifyJS UPDATE: This question was originally asked on 2008, and The mentioned technologies are deprecated. you can use: terser – more information in web.dev. Private String Data: Keeping string values … Read more