1.1.1 • Published 3 years ago

hidejs v1.1.1

Weekly downloads
34
License
Apache-2.0
Repository
github
Last release
3 years ago

HideJS

Return frontend script to client that can't be viewed by client's BROWSER

Also: Information on the latest update is here in the Update Section

Here's how to use it:

Demonstration Below

Firstly the syntax would be something like callbackName=hide(callbackName,hiddenScriptReturner,optionalArray) where hide would be require('path/to/hide.js').hide For each parameter used in the example, here are the descriptions

  • callbackName: This is the function that would handle REQUESTS and RESPONSES(like http.createServer(callbackName) or app.all('*',callbackName))
  • hiddenScriptToServe: This is the function that would return script(this return value can be a string or buffer) that will be run on the client side YET hidden from being seen from users on the client side. It takes in ONE argument, which is the REQUEST that the user sends(as in when a user enters a url or clicks a link)
  • optionalArray: This is not a manditory parameter, but if you put it, it MUST be an ARRAY of STRINGS. This array would be for the client side global modules(like Array.prototype.join) that your hidden code would be using. This measure exists because if NOT for it, it is EXTREMELY POSSIBLE for the user to overwrite the global function and then trace all that call it(and your hidden code can be traced and seen, even manipulated). As much as it isn't really possible to revert a global module back to its default state, BUT it is possible to accurately compare and prevent the page from running anymore if ANY checked global module is compromised(your code would STILL remain hidden)

Here's how to install:

You can:

  • Click the Green Code Button to Download Zip then extract OR
  • You can git clone https://Y0ursTruly/HideJS.git OR
  • You can npm install hidejs

Here's how it works:

It uses a series/chain of request steps only the browser can follow(due to certain header protocols being ENFORCED so in this case, it means the client side user cannot imitate the sequence), thus, only the actual window would be able to follow the request/response chain to the end to get the HIDDEN CODE CURRENT LIMITATIONS: As for now, this doesn't work on some browsers and, for the hidden script to load, you HAVE TO enable popups

Demonstration

Here is a Hide JS Example that is the live hosting version of cloning this repository and running requireExample.js with node (like node path/to/requireExample.js)

Requesting Help

You see, although I have an Express Example, it only works with app.all, I'd like to be able to change that so it's able to work with all the things that app gives(like get, post, etc) You can contact me through my email

Update

  • Before, hiddenScriptToServe was executed and given a completely separate REQUEST than the one the user initially puts(entering/clicking a url). Now, hiddenScriptToServe is executed and given the REQUEST the user puts(entering/clicking a url), then that value is stored until when it should be returned(which is an entirely separate request)
  • Now, the hiddenScriptToServe parameter would be given the REQUEST that the user puts(when a user enters or clicks a url) instead of a separate REQUEST that is vaguely similar to the one the user actually put
hidehidejshide-jsHideJShidden-scripthide-scriptbackendfrontendfullstackprotocols
@everything-registry/sub-chunk-1846
1.1.1

3 years ago

1.1.0

3 years ago

1.0.10

3 years ago

1.0.9

3 years ago

1.0.8

3 years ago

1.0.5

3 years ago

1.0.0

3 years ago