Javascript caching and protection?

I'm writing a javascript that generates some data. I intend to use it as a free web application, open for everyone that want to use it.

But I got a lot of time and effort to write this this script (mainly because I want it to personal use and I couldn't find anything efficient and resumed as this). I'm a beginner developer and I know is impossible to protect or obfuscate the script because you don't even need other app to decoding obfuscated info, there's a lot of methods and the laziest is just find the "eval" word in the js file and replace it with "alert". When you open the html page boom you receive a popup window with all the code decoded...

What I'm asking is if there's anyway to prevent when a user "save as..." the page with the browser, the javacript and css files do not be saved in the structure. In the past I tried to save some pages with the browser and I only could save the html file (and sometimes not even with all the html information, I suspect there was iframes), no js and no css... I tried with some websites downloade开发者_运维知识库rs (sitesucker,deepvacumm,etc) and not even with this downloaders I was able to download the files. The only way was to "inspect" the page and download it manually and make the folder structure manually.

As I said I want to give this script totally free as a service (I will even buy a domain for it) because I made it with love. My only request (to receive some kind of personal pride) is that when people want to use it they came to my site and made it in real time and if they "save as..." the page, they can save the generated information that don't save the script, so they came back again to use the service.

Does anyone can help with some tips and information. Links, advices, professional and personal tricks?

I think it is not possible to prevent access to the Javascript code in the browser. I also think that by minifying the JS code e.g. with Google's Closure compiler (ADVANCED option) you protect your code as much as you can. Although the code can be copied as it is, it cannot be understood or modified with a reasonable effort.

You could download all JavaScript/CSS files through one JavaScript file (a loader), like this. That way, downloaders have to execute JavaScript before they can know what JavaScript/CSS files are included, which I don't think they do. As I said in my comments, I'm not entirely sure whether this works!

HTML:

...
<script src="loader.js"></script>
<!-- no other JavaScript/CSS here -->
...

loader.js:

window.onload = function() {
    var head = document.getElementsByTagName('head')[0]; // the <head>

    var scriptElement = document.createElement('script'); // create <script>
    scriptElement.src = 'file1.js';
    head.appendChild(scriptElement); // add <script> to <head>

    var linkElement = document.createElement('link'); // create <link>
    linkElement.setAttribute('rel', 'stylesheet');
    linkElement.href = 'file1.css';
    head.appendChild(linkElement); // add <link> to <head>
}

Convert your code to a server side script (PHP, Python, C#, etc). It's the only way to be sure your users won't be able to "steal" your work.

JavaScript must eventually be decoded by my browser, and at that moment, is available to me too, and there is no way to prevent it, you can only make it harder.

But the bottom line is: why do you have to do it? If you only want "personal pride" wouldn't it be better to upload your code to a collaborative site like github or SourceForge where other people can appreciate your work and maybe even contribute to it?

Also, if you share your code under a licence like GPL or CC everyone who reuses your code must give credit to you (yes, one can simply steal it, but that is possible under your scenario, too).

There is really no technical solution to your problem: if the user can execute your javascript, they will have to download it somehow. Whatever solution chosen, anyone with sufficient knowledge of Firebug or the Webkit inspector will be able to retrieve the script. You can obfuscate it my minifying it, but it will not prevent anyone to use it as-is.

The solution to your problem is legal, not technical. If you explicitly state, in your Javascript header, that the script is under a restrictive licence, anybody copying it would break the law. If you find somebody doing this, you can then:

• nicely ask them to remove the script from their site
• threaten to sue?

(by the way, if I may give a personal opinion here, there is much personal pride to be had in giving away code anybody can re-use... you can include your name and a link to your site in the header of the script: it is considered very bad form (and potentially illegal) to remove attribution and copyright notices)