Ibm mobilefirst IBM WorkLight android源代码安全性

我正在使用IBM workLight 4.0版本，目前我正在开发一个简单的保险应用程序，一切都做得很好。在Android安装完成后，我可以从.APK（Android安装文件）中提取HTML5和javascript源代码。我觉得它对黑客不安全，可能被人误用了

---

你能告诉我如何在安装/部署中保护代码吗？

答案是在创建APK之前先混淆代码。有关模糊处理的详细信息

我上一篇文章告诉你如何为android做这件事。

对于Javascript混淆，请访问此stackoverflow问题

---

还有一件事HTML不能模糊，按F12可以看到HTML源代码和相关css

Worklight 4.0在2013年仍在使用？：）

Android Proguard不适用于Worklight v4至v6.2（当前版本）中基于Worklight的Android应用程序

在Worklight中向Android应用程序添加某种程度的模糊处理的唯一方法是使用Google Closure编译器。您可以在Anton Aleksandrov的以下博文中按照以下步骤进行操作：

注:

---

在我的android应用程序中，我无法保护我的资产文件夹，其中包含所有HTML5和Java脚本。仅支持Java代码的分散和编程。

Wikipedia defines code obfuscation in a following way
In software development, obfuscation is the deliberate act of creating obfuscated code, i.e. source or machine code that is difficult for humans to understand. Programmers may deliberately obfuscate code to conceal its purpose (security through obscurity) or its logic, in order to prevent tampering, deter reverse engineering, or as a puzzle or recreational challenge for someone reading the source code. Programs known as obfuscators transform readable code into obfuscated code using various techniques.

Two important things to be noted from the above definition are
- The purpose of code obfuscation is to conceal its purpose, prevent tampering, deter reverse engineering or puzzle someone reading the code.
- Obfuscated code is difficult for humans to understand.

So basically obfuscating your code means converting it to a format that is difficult for humans to read. Not impossible. Just difficult.
Therefore - it is very important to understand that code obfuscation, especially in JavaScript, is a relatively weak security measure. Most modern web debugging tools are smart enough to "prettify" the obfuscated code reverting it to a much more readable (however still not original) format.