How to minify, uglify, compile and make the view source as unclear as possible to decrease hackers' readability?


My view source code looks like this:

Click here to view the example

It's like an open book - a hacker can just read it with a glass of coffee, very comfortably, understand everything he needs and play with it.

Facebook's source code, in contrast, makes the hacker SWEAT in order to understand something, which reduces 90% of browser injections.

See the image below of FB view source:

[Image: Facebook view source]

How did they do this? It's like a tornado!


Solution

  • To reduce the readability of the code, one can:

    • Remove all spaces
    • Rename all variables and method names to arbitrary single-letter identifiers
    • (advanced) encode strings
    • (even more advanced) encode the entire method

    What Facebook does there is not really advanced; Google is much uglier still. Be aware, though, that none of this will prevent a malicious user from trying to hack your site. Obfuscation (that's what these concepts are called) does not technically improve security. You have to ensure your backend is not vulnerable when it gets requests that would not normally be possible using your HTML.
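
The backend check the answer ends on, as an added example that is not part of the original answer: a server-side validator that re-checks everything the HTML form only suggests. The form layout, field names, limits and price table are hypothetical assumptions.

```javascript
// Added example, not from the original answer. Assumed (hypothetical) form:
// a <select name="plan"> with two options, <input name="quantity" max="10">,
// an optional coupon box, and no price field at all.

// Server-side source of truth; never read from the request.
const PLANS = Object.freeze({ basic: 500, pro: 1500 }); // price in cents
const MAX_QTY = 10;
const ALLOWED_FIELDS = new Set(['plan', 'quantity', 'coupon']);

function validateOrder(body) {
  if (body === null || typeof body !== 'object' || Array.isArray(body)) {
    return { ok: false, errors: ['body must be a JSON object'] };
  }
  const errors = [];
  // Reject fields the form never sends, such as a client-supplied "price".
  for (const key of Object.keys(body)) {
    if (!ALLOWED_FIELDS.has(key)) errors.push(`unexpected field: ${key}`);
  }
  // A <select> restricts the browser only; re-check against the allowlist.
  // hasOwnProperty avoids matching inherited names such as "__proto__".
  const plan = body.plan;
  if (typeof plan !== 'string' ||
      !Object.prototype.hasOwnProperty.call(PLANS, plan)) {
    errors.push('plan not in allowlist');
  }
  // max="10" is a browser hint; enforce type and range here.
  const qty = body.quantity;
  if (!Number.isInteger(qty) || qty < 1 || qty > MAX_QTY) {
    errors.push(`quantity must be an integer 1..${MAX_QTY}`);
  }
  // Optional field: strict format and length.
  if (body.coupon !== undefined &&
      (typeof body.coupon !== 'string' || !/^[A-Z0-9]{4,12}$/.test(body.coupon))) {
    errors.push('coupon format invalid');
  }
  if (errors.length > 0) return { ok: false, errors };
  // The total is computed from server data only.
  return { ok: true, order: { plan, quantity: qty, totalCents: PLANS[plan] * qty } };
}

// Constructed sample requests: the first is what the form sends, the rest
// are requests the HTML would never produce.
const samples = [
  { plan: 'pro', quantity: 2 },
  { plan: 'pro', quantity: 2, price: 1 },
  { plan: 'enterprise', quantity: 1 },
  { plan: 'basic', quantity: 9999 },
  { plan: '__proto__', quantity: 1 },
];
for (const s of samples) console.log(JSON.stringify(s), '->', JSON.stringify(validateOrder(s)));
```

The validator gives the same verdict whether the page's JavaScript is readable or minified, because it depends on nothing the client controls.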