2 Replies Latest reply on Feb 16, 2016 2:42 AM by Swati999

    Organizing and packaging HTML5 extension


      I am working on building an HTML5 extension for InDesign CC 2015. I bundle the extension with Extension Builder 3 into a zxp file; which upon installing unpacks to HTML pages and js and css files into the install location on my Mac (/Library/Application Support/Adobe/CEP/extensions/MyExtension). My concern is, this way, my extension can be easily modified or reverse-engineered. How do I encrypt my extension before sending it to the customers so that my code is not wide open in front of them?

        • 1. Re: Organizing and packaging HTML5 extension
          Loic.Aigon Adobe Community Professional

          As stated in the CEP cookbook :


          you could choose to obfuscate it in term of hiding internal Html extensions. But please keep in mind that there is no final/reliable way to obfuscate HTML/JavaScript staff, because it is not so hard to revert it back to plain text. Even if the extension is signed, users still could add entry "PlayerDebugMode=1" in registry/plist to load the modified extension. Even in flash world, there still might be ways to decompile swf to get your IMS client-secret.

          So there is no reliable way to prevent user finding your client-secret if IMS APIs are invoked in HTML extension. Alternatively, you could choose to call IMS API in native side, and communicate HTML extensions by CSXS event/Extend Script.

          info here

          • 2. Re: Organizing and packaging HTML5 extension
            Swati999 Level 1

            Thanks Loic.Aigon