DEV Community


Discussion on: Protecting Your React.js Source Code with Jscrambler

j_scrambler profile image
Jscrambler • Edited

You do raise some pertinent points, so let me clear our stance on those:

First, it's true that this doesn't encrypt your code (you can't encrypt JavaScript). The objective of obfuscation is to greatly increase the cost of reverse-engineering attempts, which is useful when you want to ensure that your proprietary code is not on plain sight nor easily retrievable. While this tutorial focuses on obfuscation, Jscrambler is not an obfuscation tool; it provides a total of 3 JavaScript protection layers (including code locks and self-defending).

As for the other concerns you raised:

  • Obfuscation does increase code size, but Jscrambler enables you to apply obfuscation only on the most sensitive parts of the code. With this fine-tuning, the size increase and performance impacts are marginal.
  • This may be true for free obfuscation tools but Jscrambler provides Source Maps to enable easily debugging protected code.
  • Code dependencies can and should be considered with caution security-wise, so that's a great point. As an industry-recognized security company that has the trust of companies from the Fortune 500, our products meet the highest security standards, so we'll never inject malware or any malicious code.

We absolutely agree that you shouldn't rely on front-end security alone. But you shouldn't also dismiss it when you have proprietary code which can be stolen or tampered with.