I'm new to JS and PHP and currently have a key I need to use in JavaScript; but I don't want the user to be able to view the code and see it.
I tried putting the key in PHP and echoing it for the JS variable that holds the key, but that will just print it out anyways.
How can I use the key in JavaScript without allowing users to view the source?
EDIT: I'm using an API key to get data and use that data in functions.
分享 Exactly what is it that you are trying to protect against? Casual use of View Source? A serious attack against your web app by a skilled user? Packet sniffing at Starbucks?
Sorry, but I've deleted and rewritten this response a dozen times, with a dozen answers depending on your particular situation. Many different security concepts are at play here. The other posters are all correct, in that you can not conceal Javascript from the user. In fact, you cannot conceal anything that is sent to the user's browser. Obfuscation and sessions can help, but aren't perfect.
That does not mean you can't achieve your security goals.
But we all need to know what you are trying to achieve!
分享
