Even if someone downloads your code, it’s now impossible to reverse engineer or otherwise figure out.
The downside to this technique is that it works only on Internet Explorer on Windows. After it is
encoded, the script is essentially useless to any other browsers on any other operating systems. If you
are sure that your only users are running IE on Windows (such as in a corporate Intranet), this may be
helpful to you. Otherwise it’s best to go with an obfuscating utility that works across all browsers.
Web site or to a client via a Web application.
The first issue discussed was security. Various security issues, ranging from general concepts (such
as the Same Origin Policy) to browser-specific issues (like Mozilla’s signed scripts), were discussed.
mize the size of the code (by removing extra white space and comments) and to reduce the time it takes
for the script to execute (by using common programming techniques). I discussed a variety of different
methods to achieve optimization, and I also introduced several utilities that can aid in the process.
The last topic discussed was intellectual property. Code obfuscation and encoding were introduced as
methods to prevent reverse engineering. You learned that obfuscation is a better solution for cross-
browser compatibility than using the Windows Script Encoder, which works only for Internet Explorer
on Windows. Ultimately, the method you use to protect your intellectual property is largely determined
by the Web solution you are developing.
You can learn more about the Microsoft Script Encoder at
22_579088 ch19.qxd 3/28/05 11:43 AM Page 595