Osclass themes and plugins lisence problems
- Thread starter turan3241
- Start date
HI @turan3241 . Osclass it is open source classifieds script like WordPress, Joomla. If you didnt now wordpress is something like father of osclass.
Code core was changed and from here something new. You can use everything 100% from internet on to your website. Everything you fiind free or with fee (a copy like from this site) you can use becouse nobody can say is under licences becouse even from site like osclasspoint, reckons or other nothing is not original, They are using code from wordpress which are free. Yes are some good idee , code was change for osclass but nothing more. Yes you can use with out restrictions.
You need to understand in this days HTML, CSS, and JavaScript are open text and viewable by the public. That’s just how web browsers work.
v100 --Some techniques for protecting your source code:
v200 -- Ugification, Self-Redaction, Canvases, and Server Side Scripting.
Ugification (also known as minifying) is when you pass your code through a script that makes it very difficult for a human to understand. What it does is it passes all your javascript and/or css through a function that strips all of your easy to read variable names like “userName” and “date” and replaces them with meaningless names like “a” and “b”. While the this does not make your source code impossible to decipher, if your code is complex enough, the amount of time it would take a casual attempt to turn the minified code into something understandable is often enough to discourage most attempts to reverse engineer your code. Minification also makes your code more efficient so worth doing even if you are not worried about people stealing your code.
Self-Redaction is another technique that is not full proof, but will hide your code from the vast majority of snoopy developers. Once Javascript is loaded into your browser’s memory, the code no longer needs to exist on the page. So, what some frameworks do is they load all of your JavaScript into a script tag, and then the very last line of the code is the command to delete the tag. In this case, your script will be loaded into memory, but anyone using something like Chrome’s inspect tool to find your script will be unable to find it. Stealing self-redacting code requires specialized knowledge to capture the page’s HTML/CSS/JS package and NOT execute the imbedded JS.
Canvases are an alternative to HTML. They are the thing added in HTML5 that made everyone think we did not need Flash anymore because you can render whatever you want into them. While HTML can not be hidden, a canvas only shows up in your browser as a canvas element, and everything in it is just a field of pixel data generated by your JavaScript. So, if you render your whole web application to a canvas with JS, and then redact the JS, you could have a fully functional website with nothing visible in the inspection tool other than a canvas tag.
Server Side Scripting is the most full proof way to hide code. Basically, you put all the functional code on your server in the form of PHP, ASP, or some thing of the sort. What you send the browser is not fully functional code, but just the instructions it needs to interact with the code on the server. So you might send the browser the AJAX function it needs to call a function on your server, but since the function is not part of your HTML/CSS/JS package, it’s code is never actually exposed to the end user.
Internet rules
-Don’t put the good stuff in the front-end. If the logic/code is that important, make good architectural decisions where important code isn’t left exposed.
-Put “Copyright. All Rights Reserved” on every web page, and if you catch someone stealing your stuff, lawyer up.
v100 --Some techniques for protecting your source code:
- Obfuscate JavaScript. Because JavaScript allows type coercion of all its types, that makes it oddly friendly for obfuscation. Obfuscated JavaScript could look like utter nonsense, making it hard for someone to peek in your JavaScript and reuse or abuse it. But, even obfuscated JS still runs! And, just about any browser debugging tool will allow someone to step into, out of, and modify functions. So it’s not any harder to modify and abuse in the browser. Just harder to read. If it’ll help you sleep at night, you can use a Javascript Obfuscator .
- Punish the thief: Put some code in your JavaScript that will check and see if it’s on the right domain. If the code is on the wrong domain, put up an ass-load of unicorns and a nice message. Of course, your JavaScript is still readable, so once the thief sees the message, he or she will look through your code and yank it out. So you might as well obfuscate all of your JavaScript.
v200 -- Ugification, Self-Redaction, Canvases, and Server Side Scripting.
Ugification (also known as minifying) is when you pass your code through a script that makes it very difficult for a human to understand. What it does is it passes all your javascript and/or css through a function that strips all of your easy to read variable names like “userName” and “date” and replaces them with meaningless names like “a” and “b”. While the this does not make your source code impossible to decipher, if your code is complex enough, the amount of time it would take a casual attempt to turn the minified code into something understandable is often enough to discourage most attempts to reverse engineer your code. Minification also makes your code more efficient so worth doing even if you are not worried about people stealing your code.
Self-Redaction is another technique that is not full proof, but will hide your code from the vast majority of snoopy developers. Once Javascript is loaded into your browser’s memory, the code no longer needs to exist on the page. So, what some frameworks do is they load all of your JavaScript into a script tag, and then the very last line of the code is the command to delete the tag. In this case, your script will be loaded into memory, but anyone using something like Chrome’s inspect tool to find your script will be unable to find it. Stealing self-redacting code requires specialized knowledge to capture the page’s HTML/CSS/JS package and NOT execute the imbedded JS.
Canvases are an alternative to HTML. They are the thing added in HTML5 that made everyone think we did not need Flash anymore because you can render whatever you want into them. While HTML can not be hidden, a canvas only shows up in your browser as a canvas element, and everything in it is just a field of pixel data generated by your JavaScript. So, if you render your whole web application to a canvas with JS, and then redact the JS, you could have a fully functional website with nothing visible in the inspection tool other than a canvas tag.
Server Side Scripting is the most full proof way to hide code. Basically, you put all the functional code on your server in the form of PHP, ASP, or some thing of the sort. What you send the browser is not fully functional code, but just the instructions it needs to interact with the code on the server. So you might send the browser the AJAX function it needs to call a function on your server, but since the function is not part of your HTML/CSS/JS package, it’s code is never actually exposed to the end user.
Internet rules
-Don’t put the good stuff in the front-end. If the logic/code is that important, make good architectural decisions where important code isn’t left exposed.
-Put “Copyright. All Rights Reserved” on every web page, and if you catch someone stealing your stuff, lawyer up.