Is possible to hide content code of a javascript function, I am using JSP
I want to hide a function like this
function changePassword(){
var oldPassword = document.getElementById("oldPwd");
var newPassword = document.getElementById("newPwd");
var repeatedPwd = document.getElementById("newPwdRepeated");
//Ajax to BackEnd with encrypted data
}
I want to hide the encryption process when the end user use Dev Tools in browser
Sorry for my english
It's not really possible.
While there exists a proposal to hide the programmatic examination of functions, there's nothing stopping a user from examining the source code manually.
If program logic runs on the client's machine, the client will have to have been sent the source code for that logic somehow - anyone sufficiently determined will be able to find it. The only way to keep such an implementation hidden from the client is to not send it to the client at all.
While you could try to make the process safer by creating your own implementation of SSL encryption, it would make much more sense and would be much safer to simply require all connections over HTTPS - leave it to the browser and server to automatically encrypt and decrypt messages safely. If the connection is secure, you won't have to worry about the password being intercepted by someone in the middle - unless the client's browser is compromised, or unless the client's network / OS is compromised (and in such cases, safe communication is pretty much impossible anyway).
