Web Security Javascript

Protecting JavaScript Source Code Using Obfuscation - Facts and Fiction

August 5th, 2013 | By Jscrambler | 1 min read

Obfuscation is one of the most popular solutions to secure and enhance the protection of JavaScript source code. What are the facts and the myths about it?

Just a quick note: JScrambler was officially launched in 2010. Three years later, it was about time to have a blog signed by the leading client-side security solution for JavaScript in-app protection and real-time webpage monitoring. This is our first blog article!

Through it, we expect to boost communication with our users and with the community of developers that have an interest in JavaScript source code protection.

To start, we’d like to share with you a presentation we did recently at the OWASP Europe Tour 2013 in Lisbon. In this presentation, our CTO, Pedro Fortuna, explains the basic concepts around source code obfuscation.

JavaScript Obfuscation: Metrics, Facts, and Myths

Metrics such as obfuscation potency, resilience, stealthiness, execution cost, and maintainability are deeply explained. Simple examples are provided to better understand these metrics.

The last part of the presentation addresses common misconceptions around JavaScript source code obfuscation by answering questions such as:

  • Does JavaScript source code minification/compression provide protection for my code?

  • Is non-alphanumeric JavaScript obfuscation any good?

  • Is all dead code injection defeated with a static code analyzer and therefore pointless?

OWASP Europe Tour 2013 in Lisbon: Protecting JavaScript code

You can go through the slides about protecting JavaScript source code using obfuscation, presented at the OWASP Europe Tour 2013. These were optimized for improved readability (not obfuscation).

This presentation focuses on the specific case of JavaScript source obfuscation and the main usage cases. It also gives examples of obfuscation and its value in providing real protection against reverse engineering.

More about JavaScript Obfuscation
Code obfuscation aims to delay the understanding of what a program does. It can be used, for example, in scenarios where the code contains Intellectual Property (algorithms) or when the owner wants to prevent a competitor from stealing and reusing the code.

That said, obfuscation transformation translates easy-to-understand code into a much harder-to-understand form.

Read more about JavaScript obfuscation in our practical and complete guide with a step-by-step approach to exploring key questions.


The leader in client-side Web security. With Jscrambler, JavaScript applications become self-defensive and capable of detecting and blocking client-side attacks like Magecart.

View All Articles

Must read next


Can ChatGPT reverse engineer Jscrambler obfuscation?

As the potential of ChatGPT (and of Generative AI in general) is unveiled, experts and developers keep asking questions and experimenting with the tool. Can it crack even the strongest protections...

June 13, 2023 | By Jscrambler | 6 min read

Javascript Cybersecurity

JavaScript Obfuscation: The Definitive Guide for 2024

JavaScript obfuscation is a series of code transformations that make JS extremely hard to understand and reverse-engineer. This definitive guide explores it in-depth.

January 30, 2024 | By Jscrambler | 18 min read

Section Divider

Subscribe to Our Newsletter