开发者

Protect content in Javascript

问答 作者:

I'd like to port one of my games to WebG开发者_如何学运维L, but it uses sounds and images I licensed from third parties. It would go against the license to have it just pull the unprotected files straight from the web server.

Before, I got around this by embedding a bunch of these files in my own file format, but I'm not sure if I can just read in X amount of bytes from a file and then pass it to Javascript and say "hey, this is a png image." Is that possible? Are there any other good ways to protect files?

If the stuff has to end up in a user's browser, then, well, there it is in the user's browser. You can't protect it other than by obfuscation, which is a complete waste of time if the stuff you're protecting has actual value. (Think of it this way: if it's really valuable stuff — meaning that you'd suffer some considerable loss if somebody got it illicitly, and that the thief would reap considerable gains — then the minor effort necessary to overcome obfuscation is obviously worthwhile to the thief.)

If you want to protect content in your JS file you will need to create a JS durable object, by defining an object that is the result of a function call.

something like this... 

var imageContainer = function(protectedImageContainer) {
        var that = {};
        that.getImage = function () { 
              // bytes -> image transform would happen here.
              return protectedImageContainer.data; 
        };
        return that;
};

In this example, protectedImageContainer.data is protected and tamper-proof, only accessible through your getImage method.

This along with blocking a right-click "Save as..." should get you closer to where you want to be.

You can't protect stuff in javascript since it executes in the client-side and anything you do to obfuscate or "protect" the files can be undone by a user willing enough to do so.

This does the trick:

var i = new Image();
i.src = 'data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAoAAAAKCAIAAAACUFjqAAAAAXNSR0IArs4c6QAAABJJREFUeJxj+N/wHw9iGJXGhgDu6Pk5cOz+IwAAABF0RVh0Q29tbWVudAB0RVhUIHRleHTAVE3RAAAAAElFTkSuQmCC';

Then if you embed that string somewhere obscure and scramble it it should keep away the low-hanging fruit.

Would your license permit you to store the resources in encrypted form on a web server? If this is not an option then you're probably going to have to use something that can encapsulate the media -- Java Applets, perhaps.

继续阅读:javascript

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9