我最近开始使用 uglify-js 来压缩我的 JavaScript。源映射是一个很好的调试功能,但对我们来说,压缩 JavaScript 的部分好处是混淆。
将源映射放在受密码保护的目录中会阻止被动观察者使用它来重新美化我们的 JavaScript 吗?他会有什么不良副作用吗?
我不熟悉浏览器如何以及何时请求此文件。我不希望它触发密码提示和给用户带来不便,但我也不希望它公开可见。
问问题
531 次
1 回答
0
Well, using Grunt you can set up different routines for dev to production; i.e. you may find Sass comments useful in dev but when you go to production you want all the comments stripped out. Same with sourcemaps. What I like to do is test with minified scripts to make sure everything works before the site goes live, so that my development environment is as close to the production environment as possible.
Ideally, you should have a local clone of your production site in which you can bugfix, enhance etc, rather than debugging a live site.
Yes it's possible someone can still take your JavaScript and beautify it again, but I think they would need the (uncompressed) source files, which you wouldn't store on your website in the first place; all they'd then be left with is beautified JS that had 1 character variable and function names, practically useless to anyone :-)
于 2013-10-05T17:46:31.580 回答