How to hide Angularjs source codes?


How to hide app.js, controller.js files or code?

They are visible in html source. Is there anyway to hide them?

Problem courtesy of: OMahoooo


  1. minify
  2. uglify along with minify you must uglify your code, which make it difficult to understand, it will renames the variables and function in very ugly manner, not easy to break the code.
    Also you can encrypt it well, you have and have to decrypt when it is needed to use, and that can't be remain hidden from the front end tools
Solution courtesy of: Ankit Balyan


You cannot hide angualrjs. Its based on Javascript. To minify, doesn't help because anyone can convert it back to human readable view (sure if anyone wants to steal your code). Any sensitive logic try to put on server side.

Hope it will hep,

Discussion courtesy of: Maxim Shoustin

This cannot be done.

But you can use tools for minify the sources. See Google Clousure and ng-min for angular.js

I recommend you to use grunt to build one single js file for you application, with all of your code minified. Take a look at those projects that may be useful: ng-boilerplate and yeoman - angularjs

Discussion courtesy of: Deividi Cavarzan

You can hide your javascript code using NGINX server subrequest.

If you have /admin route in angular, backbone or other js framework and you want to hide it for unauthorized users, you can make subrequest in NGINX to backend, which checks if user is authorized. If not, then you throw 404 or make redirect to homepage.

This is nginx module which contains more details:

The code in NGINX looks more or less like this:

location ^~ /admin {
    # checking in background if user is privileged
    auth_request /auth;
    root   /var/www/angular-client/;

location = /auth {
    proxy_pass http://backend.cms/api/v1/users/admin.json;
    proxy_set_header X-Original-URI http://backend.cms/api/v1/users/admin.json;/
Discussion courtesy of: Mateusz Rzepa

This is the natural behaviour of a front-end framework; you do not hide the source code. There should be no sensitive data whatsoever in your front-end, especially no passwords. Just like Stack Overflow, all the font-end code is and will always be visible to the user.

Discussion courtesy of: subZero

This recipe can be found in it's original form on Stack Over Flow.