Our great sponsors
-
-
SurveyJS
Open-Source JSON Form Builder to Create Dynamic Forms Right in Your App. With SurveyJS form UI libraries, you can build and style forms in a fully-integrated drag & drop form builder, render them in your JS app, and store form submission data in any backend, inc. PHP, ASP.NET Core, and Node.js.
-
electron-bytenode-example
A basic Hello World boilerplate using Webpack to convert Electron Javascript code to binary using Bytenode and the Bytenode Webpack Plugin
What are you thoughts on https://github.com/sleeyax/asarmor? My thinking is I could use bytenode to protect my business logic and use asarmor to make the resulting asar non-trivial to uncompress, giving my renderer some kind of "protection" but without requiring me to turn off context isolation or enable nodeIntegration.
It doesn't appear that there is any performance penalty to using Bytenode. There are some benchmark functions in the repository, but certainly more work could be done to test. My gut feeling is that the minor overhead of loading the binary is balanced out by the minor speed increase by giving V8 a pre-compiled file.
Take a look at the electron-bytenode-example repository - in particular the preload script. You can see the 'DOMContentLoaded' example there. You need to do that because preload runs before the DOM has been loaded. That example has both nodeIntegration: true and contextIsolation: false. However, the preload script should always have access to both Node and the DOM, so you should be able to set it up so that all of your scripting happens in preload.
Related posts
- How to secure an Electron app with a license key
- ByteNode: A minimalist bytecode compiler for Node.js
- electron-vite: Easy way to protect your Electron source code
- Where do you store api keys or jwt token in an electron app?
- Where to hide or store database key in electron app? (Is it possible to do with c++ addons?)