search

javascript-obfuscator / webpack-obfuscator

javascript-obfuscator plugin for Webpack
https://github.com/javascript-obfuscator/javascript-obfuscator
BSD 2-Clause "Simplified" License
870 stars 82 forks source link

It seems it doesn't work with default configuration #73

Closed chesnokovsergei closed 4 years ago

chesnokovsergei commented 4 years ago

Hello,

It's perfect package I used it sometimes ago. But today I have launched it with pure boilerplate and it doesn't work. My js files haven't been changed. Maybe I miss something from docs. If it is necessary I can attach git repo. This is my webpack.config.js

    
const path = require("path");
const HtmlWebpackPlugin = require("html-webpack-plugin");
var JavaScriptObfuscator = require('webpack-obfuscator');

module.exports = {
    entry: "./src/index.js",
    output: {
        path: path.join(__dirname, "/dist"),
        filename: "index-bundle.js"
    },
    module: {
        rules: [
            {
                test: /\.js$/,
                exclude: /node_modules/,
                use: ["babel-loader"]
            },
            {
                test: /\.css$/,
                use: ["style-loader", "css-loader"]
            }
        ]
    },
    plugins: [
        new HtmlWebpackPlugin({
            template: "./src/index.html"
        }),
        new JavaScriptObfuscator ({
            rotateUnicodeArray: true
        }, [])
    ],
    optimization: {
        splitChunks: {
            cacheGroups: {
                default: false,
                vendors: false,
                // vendor chunk
                vendor: {
                    // name of the chunk
                    name: 'vendor',
                    // sync + async chunks
                    chunks: 'all',
                    // import file path containing node_modules
                    test: /node_modules/,
                    // priority
                    priority: 20
                },
                // common chunk
                common: {
                    name: 'common',
                    minChunks: 2,
                    chunks: 'async',
                    priority: 10,
                    reuseExistingChunk: true,
                    enforce: true
                }
            }
        }
    }
};

package.json


{
  "name": "Obfuscate",
  "version": "1.0.0",
  "description": "",
  "main": "index.js",
  "scripts": {
    "test": "echo \"Error: no test specified\" && exit 1",
    "start": "webpack-dev-server --mode development --open --hot",
    "build": "webpack --mode production"
  },
  "keywords": [],
  "author": "",
  "license": "ISC",
  "dependencies": {
    "react": "^16.13.1",
    "react-dom": "^16.13.1",
    "react-loadable": "^5.5.0",
    "react-router-dom": "^5.1.2"
  },
  "devDependencies": {
    "@babel/core": "^7.9.0",
    "@babel/preset-env": "^7.9.5",
    "@babel/preset-react": "^7.9.4",
    "babel-loader": "^8.1.0",
    "babel-plugin-react": "^1.0.0",
    "css-loader": "^3.5.1",
    "html-webpack-plugin": "^4.0.4",
    "style-loader": "^1.1.3",
    "webpack": "^4.42.1",
    "webpack-cli": "^3.3.11",
    "webpack-dev-server": "^3.10.3",
    "webpack-obfuscator": "^0.27.2"
  }
}

.babelrc:


{
  "presets": ["@babel/preset-env", "@babel/preset-react"]
}

Thanks a lot.

joshverd commented 4 years ago

Did you end up fixing this?

sanex3339 commented 4 years ago

Hi. At first, rotateUnicodeArray is the old option name and it has been renamed a few years ago to the rotateStringArray

joshverd commented 4 years ago

Hey!

plugins: [ new WebpackObfuscator({ rotateStringArray: true, }), ],

This is inside of our webpack.config.js, and when we run webpack --production, the output bundles are not obfuscated.

Webpack Version: 4.44.0 Webpack Obfuscator Version: 1.8.3

Thanks!

sanex3339 commented 4 years ago

Can you create the repository with a simple reproducible example?

sanex3339 commented 4 years ago

Also, output bundles have .js extension?

joshverd commented 4 years ago

Yes, the output bundles are .js. I'll have an example up in a few minutes, just need to make sure everything is replicated correctly!

joshverd commented 4 years ago

Ok, here's the example repo (on the webpack-obfuscator-example branch): https://github.com/joshverd/react-boilerplate-template/tree/webpack-obfuscator-example

First, run npm i then run npm run build-frontend to execute the local webpack build production command. The output bundle goes to /public/bundle.js, but it doesn't change if you add/remove the WebpackObfuscatorPlugin plugin.

Let me know if you have any questions!

EDIT: This repo has an example frontend built with Typescript, but it's acting the same with my other private, non-typescript project, which is where we first encountered the issue.

sanex3339 commented 4 years ago

It works for me

sanex3339 commented 4 years ago

image

sanex3339 commented 4 years ago

Try to remove your package-lock.json file and completely reinstall your dependencies.

joshverd commented 4 years ago

My javascript-obfuscator version is the same as yours.

I removed package-lock.json and node_modules, then ran npm i. Still isn't working.

I'm going to dig into the source further and see where stuff is going wrong. I'll post an update here when I've done that.

joshverd commented 4 years ago

Alright, I uninstalled all my globally-installed npm packages and that fixed it. I think it was using a different webpack/webpack-cli version than it should have been when building the bundle.

Thanks for your help with this issue!

sanex3339 commented 4 years ago

Nice!

sanex3339 commented 4 years ago

@chesnokovsergei i'll close this issue. Please write here if your problem still exist.

joshverd commented 4 years ago

I'm going to respond here just in case anyone stumbles upon this issue in the future.

My private project had a different issue. In our webpack.config.js, we had the following config:

  output: {
    path: path.resolve("public"),
    filename: '[name].[chunkhash].js?hash=[chunkhash]',
    chunkFilename: "[name].[chunkhash].js?hash=[chunkhash]",
  },

When webpack-obfuscator looks at each chunk/file name, it checks to see if the file NAMES end in .js, which means that if the ?hash= query param is set, it think it's not a JS file, and won't run it through the obfuscator.

Anyway, thanks again for your help. You can close this issue again! :)

sanex3339 commented 4 years ago

I'm going to respond here just in case anyone stumbles upon this issue in the future.

My private project had a different issue. In our webpack.config.js, we had the following config:

  output: {
    path: path.resolve("public"),
    filename: '[name].[chunkhash].js?hash=[chunkhash]',
    chunkFilename: "[name].[chunkhash].js?hash=[chunkhash]",
  },

When webpack-obfuscator looks at each chunk/file name, it checks to see if the file NAMES end in .js, which means that if the ?hash= query param is set, it think it's not a JS file, and won't run it through the obfuscator.

Anyway, thanks again for your help. You can close this issue again! :)

looks like a bug. Have to use regexp

qxygene commented 3 years ago

Any fix on this issue?

joshverd commented 3 years ago

I forked the webpack v4-compatible version and added the hash fix: https://github.com/joshverd/webpack-obfuscator

qxygene commented 3 years ago

nice one thanks, webpack v5 official version is having same problem too. they didnt fix it yet.

Note for exclude fix; ['**/chunk-vendors.js?hash=**']