Protect JavaScript Source Code
The JavaScript source code of your application can be protected by compiling to native code and loaded by NW.js. You only have to distribute the compiled code with your app for production.
Compilation
JS source code is compiled to native code with the tool nwjc
, which is provided in the SDK build.
To use it:
nwjc source.js binary.bin
The *.bin
file is needed to be distributed with your application. You can name it whatever you want.
Load the Compiled JavaScript
nw.Window.get().evalNWBin(frame, 'binary.bin');
The arguments of the win.evalNWBin() method are similar with the
Window.eval()
method, where the first parameter is the target iframe (null
for main frame), and the 2nd parameter is the binary code file.
Load Compiled JavaScript from Remote
Compiled JavaScript can be fetched from remote (e.g. with AJAX) and executed on the fly.
var xhr = new XMLHttpRequest(); xhr.responseType = 'arraybuffer'; // make response as ArrayBuffer xhr.open('GET', url, true); xhr.send(); xhr.onload = () => { // xhr.response contains compiled JavaScript as ArrayBuffer nw.Window.get().evalNWBin(null, xhr.response); }
Note
The compiled code is executed in Browser Context. You can use any Web APIs (such as DOM) and access NW.js API and Node API like other scripts running in browser context.
Known Issues
The compiled code runs slower than normal JS: ~30% performance according to v8bench. Other non-compiled JS source code will not be affected.
The compiled code is not cross-platform nor compatible between versions of NW.js. So you’ll need to run nwjc
for each of the platforms when you package your application.