Pixelknight1398 Pixelknight1398 - 3 months ago 4
CSS Question

How can I protect my application code?

I am building a web application for a company so they can test the app on a control group of people to see if they would like to try funding the app. Funding beforehand is not an option, however I would like to keep the code somewhat private, so that someone from an IT team can't just easily download all the app files and claim it as theirs. I have researched a little but also found little on what can be done to protect the files for the app which are written in javascript, html, css, ect. basic web development languages. i was just curious if anyone knew of a way to somehow protect these files if it is even possible. I'm not against sharing my code, however for a business opportunity I prefer that it remain private for the time being.


This question has been answered before: How can I obfuscate (protect) JavaScript?

But anyway, here's my take on the question:

You don't need to protect your HTML/CSS code, unless that aspect of the app is what is so proprietary. If that is so, obfuscate your code (there are many websites online that will do this for you).

From the information you gave me, I can infer that it's not the styling or the UI you want to protect, it's the application's logic. In that case, you can obfuscate and then minify the JS code such that it's very hard to deconstruct (although some web browsers do pretty-print the code). To see an example of this, go to Google, open the dev tools, and look at any JS file under the Sources.

I also saw another interpretation to your question. If you meant "to protect the application from being downloaded and then reuploaded", that sadly isn't possible with web apps (unless you explicitly check the domain that the app is running on and restrict the app from running on domains other than yours).

An implementation of the domain-protection would look something like this:

if (window.location.hostname !== "yourwebsite.com") {
   alert("Invalid domain, redirecting to official app...");
   document.location = "http://www.yourwebsite.com/app/";

After adding this protection, you can stop it from being removed by minifying and obfuscating the JS code.