DomainLock JS is an encrypted script generator which deters script theft by domain-locking Javascript files to a specific domain-name.
The script uses a custom encrypted payload to throw hard-to-trace Javascript errors in unrelated functions when used on an unauthorized domain.
Because the intentionally generated errors occur in unrelated functions, the encrypted payload can be concealed in any part of the codebase to provide a base-layer of defense against unlicensed use.
How to use: Simply enter any website address to generate the code snippet. Then strategically copy/paste the code snippet inside any other js file in your codebase or on your website.
DomainLock's two principal use cases are:
NOTE: Is DomainLock a fullproof protective measure? Absolutely, no. It's javascript — so it can by definition be circumvented with enough work. DomainLock's role is to provide a simple encrypted / concealed deterrent-layer discouraging casual code theft and unlicensed use.
DomainLockJS's generated code snippets are licensed under the Creative Commons Zero (CC0) license and are free to use on both personal and commercial projects with no attribution required. The script generator has generated code for over 16,000 personal and commercial domains and counting. DomainLockJS was created by me, James Roven, a serial founder to quickly license code with a modicum of downstream protection. This was a side project for me. You can visit my current main project at Wordmetrics.com
The script creates no global variables and runs on execution. It's small and runs extremely fast. While it hasn't been tested with all frameworks, it's unlikely to experience compatibility issues as it has no dependencies and doesn't pollute the global namespace.
No. DomainLockJS locks strictly to the primary domain. It cannot be used to lock javascript to a specific subdomain.
Typically one important .js file should be enough, but the snippet can be added to more than one file if necessary.
Any skilled / senior developer can debug *any* Javascript issue with enough time. If you need strict security, please don't rely on this or any other client side script. That said, the goal is to make theft sufficiently difficult.
With a more sophisticated trace, yes. But the errors generated by DomainLockJS are not generated within the code snippet itself. So tracing the error isn't straightforward. Errors are generated inside other, existing page functions.
If you license javascript add-ons or license javascript applications on a per site basis, DomainLockJS is a good deterrent to those who would steal javascript code. Your javascript runs only on the intended website or domain.
Unsophisticated users (which is most users) will simply attempt to copy and paste unlicensed javascript into a website directory. If the stolen script works it works, if it doesn't they'll remove it. DomainLockJS is not intended to be a mission-critical or fullproof preventative measure.
It's a difficult to debug deterrent to javascript code theft. It's one additional layer of javascript copy protection for code licensing and the prevention of code stealing.