I am developing my web app with angularjs, previously I work with angularjs in Ionic. In mobile applications I used an encryption plugin that prevented me from seeing the source code and with that I passed security. However, this time I am in a web development with angularjs and only with "View source", I can access constants, controllers, etc etc.
My question is the following: How can I add security to my application files?
Although there is no way to hide the script because it loads into the browser which makes it public, what you can do is obfuscate it by making the code almost impossible to read.
There are tools like javascript obfuscator that can help you. The only thing you have to keep in mind is that this obfuscation can make your code a little slower because it makes modifications to your code.
Since you're using angular it's good to note that you have to make sure you define dependencies as arrays, not parameters. For example, if you obfuscate the following code, it will throw an error:
It will fail you because obfuscation will rename
$scopea__b, for example, so angular won't be able to find that dependency and will throw you an error. Using the array syntax will work fine:Now it will work for you because angular will know which dependency to inject based on the array names.