
Obfuscation for Asp MVC using SmartAssembly or CryptoObfuscator


I have a question about using CryptoObfuscator or RedGate SmartAssembly to obfuscate ASP.NET MVC assemblies:

It seems that when you use one of these tools to obfuscate assemblies, they will rename the properties of classes, right?

So I think that because of this operation we will lose access to some of the values in the JSON that comes from the server during serialization (I mean that because of the renaming of the properties we can't parse the JSON object in JS correctly).

If this is true, how can we prevent losing the parseJSON operation in JS?

Let me include more details:

Consider this class structure:

public class MyClass
{
    public string FName { get; set; }
    . . .
}

// SampleController:
public JsonResult GetJson()
{
    return Json(new MyClass { FName = "Alex" });
}

Now on the client side:

$.ajax({
  url: "/Sample/GetJson",
  context: document.body
}).success(function(data) {
  // this is my problem: can I access FName or not?
  var fname = jQuery.parseJSON(data).FName;
});

Solution

  • Basically, obfuscators DO NOT change the names of a return value's properties.
    But if some obfuscator does so, you can simply handle this by using the following in your ajax call:

    $.ajax({
      url: "/Sample/GetJson",
      dataType: "json",
      success: function(data) {
        // arguments[0] is the same value as `data`; arguments[1] is jQuery's textStatus string
        var transformedData = {fname: arguments[0], somethingElse: arguments[1]};
        //or
        var fname = arguments[0];
        //do the rest here...
      }
    });
    

    You can also use the [DoNotObfuscate] attribute in SmartAssembly. By using this, you can prevent JSON results from being obfuscated at all (on the server side).
    There should also be some (other/same) strategies for other obfuscators.
    I personally use CryptoObfuscator, and it has some options to prevent whatever (or wherever) you'd like from being obfuscated.
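
Added example, not part of the original answer or of either vendor's documentation: it marks the question's `MyClass` with the standard .NET `System.Reflection.ObfuscationAttribute` and adds a check, meant to run against the obfuscated build, that the serialized key is still `FName`. It assumes a reference to System.Web.Extensions and that the obfuscator in use honours this attribute; `JsonContractCheck` is a hypothetical helper name.

```csharp
using System;
using System.Collections.Generic;
using System.Reflection;
using System.Web.Script.Serialization;

// Standard .NET attribute that asks obfuscators to leave a type and its
// members un-renamed. Assumption: your obfuscator is set up to honour it.
[Obfuscation(Exclude = true, ApplyToMembers = true)]
public class MyClass
{
    public string FName { get; set; }
}

public static class JsonContractCheck
{
    // Hypothetical helper: call it from a smoke test that loads the
    // obfuscated build. The string literals below are data, so renaming
    // cannot change them; a renamed property shows up as a missing key.
    public static void AssertWireNames()
    {
        // JavaScriptSerializer is what MVC's Json() helper uses by default.
        var serializer = new JavaScriptSerializer();
        string json = serializer.Serialize(new MyClass { FName = "Alex" });

        var keys = (IDictionary<string, object>)serializer.DeserializeObject(json);
        var expected = new[] { "FName" };

        foreach (string name in expected)
        {
            if (!keys.ContainsKey(name))
                throw new InvalidOperationException(
                    "JSON contract broken, missing '" + name + "': " + json);
        }
    }
}
```

Running the check as a post-obfuscation build step turns a silently renamed property into a build failure instead of an `undefined` value in the browser.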