Ok, here's your solution:
Create an aspx page. Call it "JSSource.aspx"
Open the HTML view and delete everything except the contents of the <@ Page>
directive.
Open the Code Behind for this page.
Add two using statements:
using System.Text;
using System.IO;
Add the following to the Page_Load handler:
private void Page_Load(object sender, System.EventArgs e)
{
// Put user code to initialize the page here
string script;
StringBuilder b = new StringBuilder();
b.Append("function doOnLoad(){");
b.Append("alert('hello there');}");
if(Request.UrlReferrer==null||Request.UrlReferrer.Host!="localhost")
script = "var youbite = 'eat me';";
else
script = b.ToString();
ASCIIEncoding encoder = new ASCIIEncoding();
byte[] buffer = encoder.GetBytes(script);
Response.ContentType = "text/javascript";
Response.OutputStream.Write(buffer,0,buffer.Length);
}
Then create a new aspx page. Call it JSClient.aspx
Open the HTML View and add the following betweent the </HEAD> and <BODY>
tags.
<script Language="javascript" type="text/css" src="JSSource.aspx"></script>
in the Body tag, add the following onLoad="doOnLoad();"
Then create a third page. Call it "Launch.aspx" add a hyperlink control, or
a simple <A href> tag. the NavigateUrl = "JSClient.aspx"
Build and launch the "Launch.aspx" page. When you click on the link, it'll
load the JSClient.aspx page and you should get a nice little Hello World
popup.
Enhance as you see fit. Another think you may want to think about is
caching. You may want to make sure to add directives to prevent the browser
from caching the JSSource.aspx page. Also, if it's being deployed on a
client site, they could open the site's dll with something lik Reflector and
see your source, so you might want to obfuscate that.
It's a little simple I agree, but it's the best I could come up with on such
short notice.
BTW - Never accept never as an answer. When they say it can't be done, be
like me and say why not. Sometimes ignorance is bliss.
Dave
kpg said:
Hello all,
I have an asp.net web application with tons of Java script files.
I would like to protect the Java Script somehow so it can't be
seen by a remote user.
I found several 3rd party solutions, but I thought I remember that
there was a way to 'compile' java script and use that instead of
the actual script?
The problem I have with 3rd party solutions is two-fold:
1) I'm cheap
2) I'm going to install the app on a customer's server for use by
their customers. I don't want them (my customer) or their customers
to have access to the java script files.
I think a 3rd party solution would work fine for me on my server, but I
can't really give the customer the app and the 3rd party protection thingy
and say: install this so you can't see my code (because they might not!).
Anyway, I'm open to any solution.
Thanks
kpg