Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement ActiveX obfuscation for minified dist #392

Merged
merged 2 commits into from Feb 28, 2012
Merged

Implement ActiveX obfuscation for minified dist #392

merged 2 commits into from Feb 28, 2012

Conversation

felixge
Copy link
Contributor

@felixge felixge commented Feb 27, 2012

Some coporate proxys/firewalls (such as Blue Coat) filter out JS files
that contain the string 'ActiveX' in them. This patch alters the Uglify
AST so that all occurences of the string are obfuscated, making
socket.io work in even the most hostile environments : ).

(This only applies to the minified output)

@felixge
Implement ActiveX obfuscation for minified dist
9c006e1 
Some coporate proxys/firewalls (such as Blue Coat) filter out JS files
that contain the string 'ActiveX' in them. This patch alters the Uglify
AST so that all occurences of the string are obfuscated, making
socket.io work in even the most hostile environments : ).
@rauchg
Copy link
Contributor

rauchg commented Feb 27, 2012

Amazing. Thanks for the find
I think we should do this for both builds ?

@felixge
Copy link
Contributor Author

felixge commented Feb 27, 2012

I think we should do this for both builds ?

I agree, but unfortunately uglify does not preserve whitespace / comments, so it would change the normal distribution file quite a bit.

That being said, if you're ok with pulling in another JS parser (I recommend https://github.com/qfox/ZeParser which is pretty amazing) as a devDependency, I can make the magic happen without altering the shape of the normal distribution build.

--fg

@felixge
Copy link
Contributor Author

felixge commented Feb 27, 2012

(As discussed with @guille , I'll adjust this patch to also work for the non-minified version)

@3rd-Eden
Copy link
Contributor

Is ActiveX the only thing they filter out?

@felixge
Move ActiveX obfuscation into own module
1590242 
Also made it apply to both dist files, not just the minified one.
@felixge
Copy link
Contributor Author

felixge commented Feb 28, 2012

^-- I just pushed a new patch that moves the active x code into a separate module. It also applies the obfuscation to the regular dist file. The new module also has some tests:

https://github.com/felixge/node-active-x-obfuscator/blob/master/test.js

Would be awesome if this gets merged. Also feel free to squash into one commit if you want.

Is ActiveX the only thing they filter out?

Afaik, yes. At least it is the only thing that was causing problems with socket.io.

rauchg added a commit that referenced this pull request Feb 28, 2012
@rauchg
Merge pull request #392 from felixge/activex
b042397 
Implement ActiveX obfuscation for minified dist
@rauchg rauchg merged commit b042397 into socketio:master Feb 28, 2012
@rauchg
Copy link
Contributor

rauchg commented Feb 28, 2012

This is wonderful. Thanks @felixge

3rd-Eden added a commit to unshiftio/swfobject that referenced this pull request Oct 24, 2014
@3rd-Eden
[major] Prevent blocking by the Blue Coat proxy/firewalls
36104d5 
See:

- https://github.com/felixge/node-active-x-obfuscator
- socketio/socket.io-client#392

For related reading.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@felixge @rauchg @3rd-Eden