Forum Discussion
Obscuring JavaScript code to protect API credentials
I need to create a button that runs JavaScript that makes an API call. I have this working, but it exposes the authentication credentials to anyone with enough savvy to use the browser developer tool...
Requirejs uses Modular approach to Javascript, so you need to 'import' and 'export' parts of your code to reuse it on another spot. Alas does Storyline as is not support Modules and 'import' and 'export' statements. Best is to forget about that and use the WebObject approach to load your needed Javascript libraries and then obsfuscate whatever is needed.
Here is a simple solution for obfuscating and deobsfuscating your values and strings in Vanille Javascript in Storyline.
btoa('Some text'); // U29tZSB0ZXh0
atob('U29tZSB0ZXh0'); // Some text
The btoa() method creates a Base64-encoded ASCII string from a binary string (i.e., a String object in which each character in the string is treated as a byte of binary data).
You can use this method to encode data which may otherwise cause communication problems, transmit it, then use the atob() method to decode the data again. For example, you can encode control characters such as ASCII values 0 through 31.
https://developer.mozilla.org/en-US/docs/Web/API/btoa
Its not completely secure but at least somewhat more safe.
