在前端开发中,有很多工具和库可以帮助我们提高工作效率和代码质量,其中之一便是 npm 包 subterfuge。它是一个命令行工具,可以用于生成多种协议的混淆代码,从而增强代码的安全性。
安装 subterfuge
要使用 subterfuge,我们需要在本地安装它。打开终端,输入以下命令:
npm install subterfuge -g
这会全局安装 subterfuge,在任何地方都可以使用它。
使用 subterfuge
混淆 JavaScript 代码
假设我们有以下的 JavaScript 代码:
function add(a, b) {
return a + b;
}我们可以使用 subterfuge 将其混淆,生成更加难以阅读和理解的代码。执行以下命令:
subterfuge js -f add.js -o add-obfuscated.js
其中,js 表示混淆 JavaScript 代码的协议,-f 表示输入的文件路径,-o 表示输出的文件路径。执行完成后,我们可以在当前目录下找到 add-obfuscated.js,它的内容类似于以下代码:
$=(+[])[+[]],_=+!![],O=_+[];A=[+!+[]+[+!+[]+!+[]]]-![],C=[][+[]]+[][(!00+[])[+[]]+(!+[]+[])[+[]]+(!+[]+[]+[])[+![]]]+($[!+[]+!+[]+!+[]]+($[$[]][$[!+[]+!+[]+!+[]]+(+!+[])]+[])[$[$[]][+[]]+(-~+[+[]]+[+[]]+[+[]])]+$[+![]]+$[$[!+[]+!+[]+!+[]]+(+!+[])]+O[$[$$][+[]]+(1+[])[+![]]+(!![]+[])[+[]]+(!![]+[])[+![]]]+([][(+[])]+[]+[])[!+[]+!+[]+!+[]]+($[!+[]+!+[]+!+[]]+($[$[]][$[!+[]+!+[]+!+[]]+(+!+[])]+[])[$[$[]][+[]]+(-~+[+[]]+[+[]]+[+[]])]+($[$[+[]]+(+!+[])]+[])[$[$[]][+[]]+(!+[]+!![]+!![])]+O[$[$$][+[]]+(+[!+[]]+[+[]])+(!+[]+[])[+![]]]+($[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[+![]]+($[$[]][+[]]+(!![]+[])[+[]])[(!![]+[])[+[]]]+[])[!+[]+!+[]+!+[]],(Q=[(!+[]+!![]+!![]+!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(+(+[!+[]]+[+[]]+[+[]])+[])[(+[])]+(+[])[+[]]+([][(+[]+[])]+[])[!+[]+!+[]+!+[]]],e=![]+[],W=[(!+[]+!+[]+[+[]])+(!+[]+!+[]+[+[]])[(!![]+!![]+!![]+[])[+[]]]+(+(211-(+[])))[+[]]+([][[]]+[])[+!+[]]+(+(+!++[+[]])<+[+[]]+[+[]]+[+[]]+[+!+[]]+[+!+[]]+[+!+[]]+[+!+[]]+[+!+[]]]+[])[+!+[]+[+[]]]+[(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+(+[]))[!+[]+!+[]+!+[]]+(!+[]+!![]+!![])+(+[''][0]+[])[!+[]+!+[]+!+[]]+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+!![])+(+!![]))[(!![]+!![]+!![]+!![]+[])[+[]]]+(+!![]+[+[]]<(+[])-~+[]*2?+[+!+[]]+[+[]]:+[+!+[]]+[+[]]+[+!+[]]+[+[]])+'([][([]+([]+([][(!+[]+!+[]+!+[]+!+[]])+(!+[]+!+[]+!+[])[+[]]+(![]+[])[!![]]+([][(+!+[])]+[][(!00+[])[+[]]+(!+[]+[])[+[]]+(!+[]+[]+[])[+![]]]+[][(+[])]+[])[(+[])]+(+[])[+[]]+([][(+[]+[])]+[])[!+[]+!+[]]))()'];(eval)(A.replace(/./g,function($){C.unshift($)}));try{Q()}catch(j){W()}可以看到,经过混淆后的代码变得非常难以理解和修改,从而增强了代码的安全性。
混淆 HTML 和 CSS 代码
除了 JavaScript 代码以外,subterfuge 还支持混淆 HTML 和 CSS 代码。我们可以使用以下命令:
subterfuge html -f index.html -o index-obfuscated.html subterfuge css -f style.css -o style-obfuscated.css
其中,html 表示混淆 HTML 代码的协议,css 表示混淆 CSS 代码的协议,其他参数的含义和之前一致。
小结
在本文中,我们介绍了 npm 包 subterfuge 的使用方法,可以用它来混淆 JavaScript、HTML 和 CSS 代码,从而增强代码的安全性。希望本文对您有所帮助,并能在实际开发中发挥作用。
示例代码
原始 JavaScript 代码:
function add(a, b) {
return a + b;
}混淆后的 JavaScript 代码:
$=(+[])[+[]],_=+!![],O=_+[];A=[+!+[]+[+!+[]+!+[]]]-![],C=[][+[]]+[][(!00+[])[+[]]+(!+[]+[])[+[]]+(!+[]+[]+[])[+![]]]+($[!+[]+!+[]+!+[]]+($[$[]][$[!+[]+!+[]+!+[]]+(+!+[])]+[])[$[$[]][+[]]+(-~+[+[]]+[+[]]+[+[]])]+$[+![]]+$[$[!+[]+!+[]+!+[]]+(+!+[])]+O[$[$$][+[]]+(1+[])[+![]]+(!![]+[])[+[]]+(!![]+[])[+![]]]+([][(+[])]+[]+[])[!+[]+!+[]+!+[]]+($[!+[]+!+[]+!+[]]+($[$[]][$[!+[]+!+[]+!+[]]+(+!+[])]+[])[$[$[]][+[]]+(-~+[+[]]+[+[]]+[+[]])]+($[$[+[]]+(+!+[])]+[])[$[$[]][+[]]+(!+[]+!![]+!![])]+O[$[$$][+[]]+(+[!+[]]+[+[]])+(!+[]+[])[+![]]]+($[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[+![]]+($[$[]][+[]]+(!![]+[])[+[]])[(!![]+[])[+[]]]+[])[!+[]+!+[]+!+[]],(Q=[(!+[]+!![]+!![]+!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(+(+[!+[]]+[+[]]+[+[]])+[])[(+[])]+(+[])[+[]]+([][(+[]+[])]+[])[!+[]+!+[]+!+[]]],e=![]+[],W=[(!+[]+!+[]+[+[]])+(!+[]+!+[]+[+[]])[(!![]+!![]+!![]+[])[+[]]]+(+(211-(+[])))[+[]]+([][[]]+[])[+!+[]]+(+(+!++[+[]])<+[+[]]+[+[]]+[+[]]+[+!+[]]+[+!+[]]+[+!+[]]+[+!+[]]+[+!+[]]]+[])[+!+[]+[+[]]]+[(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+(+[]))[!+[]+!+[]+!+[]]+(!+[]+!![]+!![])+(+[''][0]+[])[!+[]+!+[]+!+[]]+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+!![])+(+!![]))[(!![]+!![]+!![]+!![]+[])[+[]]]+(+!![]+[+[]]<(+[])-~+[]*2?+[+!+[]]+[+[]]:+[+!+[]]+[+[]]+[+!+[]]+[+[]])+'([][([]+([]+([][(!+[]+!+[]+!+[]+!+[]])+(!+[]+!+[]+!+[])[+[]]+(![]+[])[!![]]+([][(+!+[])]+[][(!00+[])[+[]]+(!+[]+[])[+[]]+(!+[]+[]+[])[+![]]]+[][(+[])]+[])[(+[])]+(+[])[+[]]+([][(+[]+[])]+[])[!+[]+!+[]]))()'];(eval)(A.replace(/./g,function($){C.unshift($)}));try{Q()}catch(j){W()}原始 HTML 代码:
-- -------------------- ---- ------- --------- ----- ------ ------ ----- ---------------- -------------------- ----- ---------------- ----------------- ------- ------ ---------- ----------- ------- -- - -------------- ------- ------------------------ ------- -------
混淆后的 HTML 代码:
<!DOCTYPE html><html><head><meta charset="UTF-8"><title>$=(-~+[[-~[]]-~[]]+[][[-~[]]])[-~[-~[-~[-~[]]]]];(!![]+([]+([][[]]))[-~[-~[]]])[(((-~+[])*(-~[+[]]+(-~[+[]]+-~[+[]]))+(+[[!+[]+!+[]]])[-~[-~[-~[-~[-~[-~[-~[-~[]]]]]]]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[!+[]+!+[]]+([][(+[])]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+([][(+[])]+[])[!+[]+!+[]+!+[]]+([][(+[])]+[])[!+[]+!+[]]+([][(+[])]+[])[!+[]+!+[]]+([][(+[])]+[])[+[]]+(!![]+[])[-~[-~[]]]+(!![]+[])[!+[]+!+[]+!+[]]+([][(+[])]+[])[+[]]+([][(+[])]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[!+[]+!+[]]+(!![]+[])[-~[-~[]]])[((-~[-~[-~[]]])[-~[-~[-~[-~[-~[-~[-~[-~[]]]]]]]]+(-~[-~[]]))(!![]+[])[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~[-~ > 来源:[JavaScript中文网](https://www.javascriptcn.com/post/60056d1381e8991b448e6d58) ,转载请注明来源 [https://www.javascriptcn.com/post/60056d1381e8991b448e6d58](https://www.javascriptcn.com/post/60056d1381e8991b448e6d58)