服务器端 JavaScript
我有一个关于 SSJS 的问题。
使用 SSJS,是否可以对用户隐藏代码?
其他服务器端语言(如 PHP)在源代码中不可见,因为它们是在客户端、浏览器之前处理的
我想要的一个小例子:
<html>
<head>
<script runat="server">
function getPassword(){
var password = "myPass";
return password;
}
</script>
</head>
<body>
<script>
alert(getPassword());
</script>
</body>
</html>
我测试了这个,但密码仍然可见
我是否做错了什么,所以我的示例是简单的CSJS还是不可能隐藏SSJS代码?
I have a question about SSJS.
With SSJS, is it possible to hide code from the user?
Other ServerSide languages like PHP aren't viewable in the source because they are processed before the client side, the browser
A little example of what I want:
<html>
<head>
<script runat="server">
function getPassword(){
var password = "myPass";
return password;
}
</script>
</head>
<body>
<script>
alert(getPassword());
</script>
</body>
</html>
I tested this, but the password is still viewable
Am I doing something wrong so that my example is simple CSJS or is it impossible to hide SSJS-code?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
遵循 TJ Crowder 的明智之言,您的文件可以是基于 Windows 的主机上的经典 .asp 文件(因此是扩展名为 .asp 的文件),如下所示:
或者更符合您的风格,它可能如下所示:
这两种方式服务器端脚本在页面源中都不会可见。另外:
<%=...%>可以被视为Response.Write(...)的简写对于其他主机,请检查您的提供商或维基百科David Dorwards 回答中给出的列表
Adhering to the wise words of T.J. Crowder, your file could be a classic .asp file on a windows based host (so a file with the extension .asp), looking like this:
Or more in line with your style it could look like:
Both ways the server side scripting will not be visible in the page source. Aside:
<%=...%>can be viewed as shorthand forResponse.Write(...)For other hosts, check your provider or the wikipedia list given in David Dorwards answer
是的,您的服务器端代码可以对用户隐藏,就像任何其他服务器端语言一样。您必须通过理解服务器端 JavaScript 的服务器提供相关的 HTML 文件,并且必须正确配置该服务器(默认情况下,
.html文件可能不会被预处理; 通常,带有服务器端代码的 HTML 文件会有不同的扩展名,例如.shtml、.asp、.aspx等,取决于您运行它们的平台;当然,通过正确的配置,您可以正确处理任何事情)。如果您能够通过网络浏览器看到上面的代码,那么您就错过了其中一个步骤。请注意,服务器端 JavaScript 具有任何其他服务器端语言的优点和缺点。例如,您无法使用任何服务器端语言对客户端浏览器进行任何脚本编写,这就是为什么您会看到如此多的客户端代码。 (也许这是显而易见的。:-))
Yes, your server-side code can be hidden from the user, exactly as with any other server-side language. You have to serve the relevant HTML file via a server that understands server-side JavaScript, and you have to configure that server correctly (by default,
.htmlfiles probably aren't going to be pre-processed; typically HTML files with server-side code would have a different extension, such as.shtml,.asp,.aspx, etc., depending on the platform on which you're running them; although of course with proper configuration you can have anything handled correctly). If you were able to see the code above via a web browser, then you've missed out one of those steps.Note that server-side JavaScript will have the benefits, and disadvantages, of any other server-side language. You can't (for instance) do any scripting of the client's browser with any server-side language, which is why you see so much client-side code around. (Perhaps that was obvious. :-) )
任何服务器端 JavaScript 都只能在服务器上使用,但是,正如您需要在将其发送到客户端之前通过 PHP 引擎运行 PHP 一样,您也必须在发送之前通过 JS 引擎运行 SSJS。
尽管node.js 可能是目前最流行的。
runat="server"是 IIRC,一个 ASP.NET 构造。如果您想沿着这条路走下去,您需要首先使用 ASP.NET。我不知道你的语法是否正确。Any server side JavaScript will only be available on the server but, just as you need to run PHP through a PHP engine before sending it to the client, you have to run SSJS through a JS engine before sending it on.
You can find a list of such engines at Wikipedia, although node.js is probably the most popular at present.
runat="server"is, IIRC, an ASP.NET construct. If you want to go down that route, you'll need to be using ASP.NET for a start. I've no idea if the syntax you have is right though.