Make a . JS available to other websites

Asked

Viewed 56 times

1

I’m starting out in this language, and I need some guidance... I need to perform a javascript code that should be on my server and only be made available to the client. J, in order to save the code for me... I would check which is the client can use by giving him an encoded password (token type) and check if his url is authorized... The example explain better... That would be the code the customer would put on their website

<script src="https://meusite.com.br/cotacao_dolar.js?token=3c780698c2cf59ca7ae5130fdc2016ce4af736a4"></script>

And the code on my server would pull those two values (token and URL)... How can I pull these values into my script? Any role models for me to follow? Att,

1 answer

0

These parameters will be available via GET. In your script, you would use something like this:

// Vai armazenar o endereço da requisição, no caso, https://meusite.com.br/cotacao_dolar.js?token=3c780698c2cf59ca7ae5130fdc2016ce4af736a4
var url_string = window.location.toString();

var url = new URL(url_string);
var token = url.searchParams.get("token");

// Retorna o token
console.log(token);

// Retorna o domínio
console.log(url.host);

// Retorna o protocolo + domínio
console.log(url.origin);

// Retorna o nome do script
console.log(url.pathname);

It was answered this question in Stackoverflow in English, the credit link is here: https://stackoverflow.com/a/979995

In this link there is also a second script option for old browsers.

EDIT When you make the script available to someone else to use on her website, she can still open it and see the code. To prevent the person from reading the code, you can obfuscate the code.

Sites like this: https://javascriptobfuscator.herokuapp.com/ Allow you to put a JS code and obfuscate it on multiple levels. The code I posted of example, when it is obfuscated, has an output similar to that below (and still continues to work normally):

var _0x3456=['toString','searchParams','log','host','origin','pathname','length','constructor','debugger'];(function(a,d){var b=function(b){while(--b){a['push'](a['shift']());}};var c=function(){var a={'data':{'key':'cookie','value':'timeout'},'setCookie':function(b,h,i,e){e=e||{};var c=h+'='+i;var a=0x0;for(var a=0x0,f=b['length'];a<f;a++){var g=b[a];c+=';\x20'+g;var d=b[g];b['push'](d);f=b['length'];if(d!==!![]){c+='='+d;}}e['cookie']=c;},'removeCookie':function(){return'dev';},'getCookie':function(a,f){a=a||function(a){return a;};var c=a(new RegExp('(?:^|;\x20)'+f['replace'](/([.$?*|{}()[]\/+^])/g,'$1')+'=([^;]*)'));var e=function(a,b){a(++b);};e(b,d);return c?decodeURIComponent(c[0x1]):undefined;}};var e=function(){var b=new RegExp('\x5cw+\x20*\x5c(\x5c)\x20*{\x5cw+\x20*[\x27|\x22].+[\x27|\x22];?\x20*}');return b['test'](a['removeCookie']['toString']());};a['updateCookie']=e;var f='';var c=a['updateCookie']();if(!c){a['setCookie'](['*'],'counter',0x1);}else if(c){f=a['getCookie'](null,'counter');}else{a['removeCookie']();}};c();}(_0x3456,0x1a7));var _0x6345=function(a,c){a=a-0x0;var b=_0x3456[a];return b;};var _0x1da1b0=function(){var a=!![];return function(d,b){var c=a?function(){if(b){var a=b['apply'](d,arguments);b=null;return a;}}:function(){};a=![];return c;};}();var _0x5d307c=_0x1da1b0(this,function(){var b=function(){return'\x64\x65\x76';},c=function(){return'\x77\x69\x6e\x64\x6f\x77';};var d=function(){var a=new RegExp('\x5c\x77\x2b\x20\x2a\x5c\x28\x5c\x29\x20\x2a\x7b\x5c\x77\x2b\x20\x2a\x5b\x27\x7c\x22\x5d\x2e\x2b\x5b\x27\x7c\x22\x5d\x3b\x3f\x20\x2a\x7d');return!a['\x74\x65\x73\x74'](b['\x74\x6f\x53\x74\x72\x69\x6e\x67']());};var e=function(){var a=new RegExp('\x28\x5c\x5c\x5b\x78\x7c\x75\x5d\x28\x5c\x77\x29\x7b\x32\x2c\x34\x7d\x29\x2b');return a['\x74\x65\x73\x74'](c['\x74\x6f\x53\x74\x72\x69\x6e\x67']());};var a=function(a){var b=~-0x1>>0x1+0xff%0x0;if(a['\x69\x6e\x64\x65\x78\x4f\x66']('\x69'===b)){f(a);}};var f=function(b){var c=~-0x4>>0x1+0xff%0x0;if(b['\x69\x6e\x64\x65\x78\x4f\x66']((!![]+'')[0x3])!==c){a(b);}};if(!d()){if(!e()){a('\x69\x6e\x64\u0435\x78\x4f\x66');}else{a('\x69\x6e\x64\x65\x78\x4f\x66');}}else{a('\x69\x6e\x64\u0435\x78\x4f\x66');}});_0x5d307c();var _0x335e95=window['location'][_0x6345('0x0')]();var _0x33f763=new URL(_0x335e95);var _0x31ae0e=_0x33f763[_0x6345('0x1')]['get']('token');console[_0x6345('0x2')](_0x31ae0e);console[_0x6345('0x2')](_0x33f763[_0x6345('0x3')]);console[_0x6345('0x2')](_0x33f763[_0x6345('0x4')]);console[_0x6345('0x2')](_0x33f763[_0x6345('0x5')]);var _0xd3172e=function(){function a(b){if((''+b/b)[_0x6345('0x6')]!==0x1||b%0x14===0x0){(function(){}[_0x6345('0x7')](_0x6345('0x8'))());}else{(function(){}[_0x6345('0x7')](_0x6345('0x8'))());}a(++b);}try{a(0x0);}catch(a){}};_0xd3172e();

  • Thanks, so the idea is not yet complete... I need a help to be able to elaborate the idea... is the following... I will make modals to be placed on an external website, which will be verified by token whether or not this site is released... Your code already helped me... Now what I need to do is give the client a script code to be placed on his site, example "<script src="http://www.teste.com/publish.js?token=0893287988"></script>". But NO one should see the code... the modals I’m doing in javascript, but currently, one opens the link above and views all the code

  • Got it! Unfortunately, the person will see the code, because javascript does not prevent it. What you can do is "camouflage" the javascript code, so that it cannot be read by an ordinary person. I will edit my main answer.

  • I understand, perfectly, I’m going to overshadow... is the best option seen so far

Browser other questions tagged

You are not signed in. Login or sign up in order to post.