We are happy to announce the availability of JSDefender Version 2. The new release’s goals were twofold: to increase JSDefender’s strength and breadth and to make it easier to configure.
The first goal is to increase the strength and breadth of JSDefender’s code protections. Version 2 has several new code protection techniques that will make your protected application even more attack-resistant. These include:
- Self-defending Protection: The protected JavaScript will not run if an attacker modifies it. The new release wraps function declarations, function expressions, and object and class method declarations into a guarding function. That function observes if its body (thus, the original function-like construct) is tampered with. Even inserting a single space or a new line character into the function body will prevent it from running normally.
- Date Lock Protection: The protected JavaScript will not run after a specified date. The code injects into the protected source tests whether the current date is in a particular interval. If so, the code runs normally; otherwise, it breaks after the date test phase.
- New Transforms: Designed to make your protected JavaScript even harder to read. These include:
- Property Sparsing Protection: Transforms object literal expression assignments into multiple assignment statements to make them harder to read.
- Variable Grouping Protection: This separates variable declarations and initializations, moving the declaration part to the end of the declaration scope.
- Constant Argument Obfuscation: This technique replaces integer literals in function arguments with conditional expressions that use special conditions declared in the JSDefender Runtime, making it difficult to understand the constant’s value and the intended code flow.
- Expression Sequence Obfuscation: Collects adjacent expression statements in the code and joins them into an expression sequence.
The second goal is to make JSDefender easier to configure and use for complex projects:
JSDefender can now protect multiple JavaScript files in a single JSDefender run. A limitation of the previous version was that JSDefender could only process one file at a time. Version 2.0 brings efficiency to projects, allowing users to protect files simultaneously.
JSDefender has improved support for inline configuration, introducing the concept of “named configuration sets.” This makes it easier to define and apply different types of protections across different parts of your application.
For a complete list of the changes, see the changelog.
For a deeper explanation of the new protections and other features, see the user guide.
If you are upgrading JSDefender, see the upgrade guide.