need of obfuscation code with web application and how to do it
Joined: Aug 18, 2009
I want to create Helloworld source code to obfuscation code with freeware obfuscator such as proguard 4.4 etc.....
I am using java 1.4 and struts 1.1.commanly through struts-config.xml file we are calling the action class with the relevant method name and property name.
In proguard 4.4 ,they have explained that the shrinking step detects and removes unused classes, fields, methods, and attributes. The optimization step analyzes and optimizes the byte code of the methods. The obfuscation step renames the remaining classes, fields, and methods using short meaningless names.
If obfuscator changes the method and all , how can struts-config.xml file finds out which method to call in action class.
It should method all method in jsp and action class as well as struts-config.xml file also. Then what is the need of obfuscation code.
How to make obfuscation code on web application
Java collection frame work is backward compatibility ,it wont support java 1.5 and above version. In progaurd, they have mentioned that the final preverification step adds preverification information to the classes, which is required for Java Micro Edition or which improves the start-up time for Java 6.
I am getting confusion to do obfuscation.
Can anyone make me to clear about this article please.
Joined: Mar 22, 2005
I'm not quite sure about what you're asking exactly, but be aware that it is generally not necessary to obfuscate web app code, because the code is never made available to the users of the web app.
If you still want to do it, and need to keep certain method or class names (for Struts or some other framework), then you need to employ the various "keep options" discussed in the ProGuard manual. Note that modern web frameworks rely heavily on the reflection API, which breaks when obfuscation is used.