nextjs-obfuscator
v3.1.0
Published
javascript obfuscator plugin for next.js
Downloads
8,187
Maintainers
Readme
javascript-obfuscator plugin for Next.js
The nextjs-obfuscator
enables you to make your Next.js app difficult to be reverse-engineered, using javascript-obfuscator.
ℹ️ If you are looking for README for v1, see here.
There are some useful notes:
- The app router is supported.
- Building by turbopack is currently NOT supported.
- Minimum supported Next.js version is v13.
Installation
You have to install javascript-obfuscator separately.
On npm:
npm i -D javascript-obfuscator nextjs-obfuscator
On yarn:
yarn add -D javascript-obfuscator nextjs-obfuscator
Usage
Wrap your configuration in your next.config.js
to use this plugin, for example:
const withNextJsObfuscator = require("nextjs-obfuscator")(obfuscatorOptions, pluginOptions);
/** @type {import("next").NextConfig} */
const nextConfig = withNextJsObfuscator({
// ... your next.js configuration
});
module.exports = nextConfig;
Or if you use next.config.mjs
:
import createNextJsObfuscator from "nextjs-obfuscator";
const withNextJsObfuscator = createNextJsObfuscator(obfuscatorOptions, pluginOptions);
/** @type {import("next").NextConfig} */
const nextConfig = withNextJsObfuscator({
// ... your next.js configuration
});
export default nextConfig;
API
obfuscatorOptions
Type: Object
(required)
This is the options of javascript-obfuscator, but there are some important notes:
disableConsoleOutput
should be set tofalse
and you can easily notice the error logging by React on console. If they are present, they indicate your app has been broken.- There are some options that MUST NOT be set:These options will be set by the nextjs-obfuscator plugin internally if necessary.
pluginOptions
Type: Object
(optional)
More options for this plugin. All properties are optional.
{
enabled: boolean | "detect",
patterns: string[],
obfuscateFiles: Partial<{
buildManifest: boolean,
ssgManifest: boolean,
webpack: boolean,
additionalModules: string[],
}>,
log: boolean,
};
|Option |Type |Default Value|Description|
|---------|------------------------------------|-------------|-----------|
|enabled
|boolean | "detect"|"detect"
|Indicates if the plugin is enabled or not.If "detect"
specified, the plugin will be enabled only when building for production.|
|patterns
|string[]
|["./**/*.(js|jsx|ts|tsx)"]|Glob patterns to determine which files to be obfuscated. They must be relative paths from the directory where next.config.js
is placed.|
|obfuscateFiles
|object
||Additional files to be obfuscated.|
|obfuscateFiles.buildManifest
|boolean
|false
|If set to true, the plugin will obfuscate _buildManifest.js
|
|obfuscateFiles.ssgManifest
|boolean
|false
|If set to true, the plugin will obfuscate _ssgManifest.js
|
|obfuscateFiles.webpack
|boolean
|false
|If set to true, the plugin will obfuscate webpack.js
, which is an entry point.|
|obfuscateFiles.additionalModules
|string[]
|[]
|Names of additional external modules to be obfuscated. Convenient if you are using custom npm package, for instance. Use like ["module-a", "module-b", ...]
.|
|log
|boolean
|false
|If set to true, the plugin will use console.log
as logger. Otherwise, it uses webpack's standard logger.|
How it works
- This plugin inserts a custom loader to obfuscate project files and external modules.
- This plugin inserts a custom plugin to obfuscate
buildManifest
,ssgManifest
,webpack
assets.
Disclaimer
Using this plugin can break your next.js app, so you have to check carefully your app works fine.