Support » Plugins » Hacks » Why/how does WP obfuscate the js include files? Needing to debug/reverse them.

  • Resolved Mick P.

    (@mick-p)


    I am just curious why WP obfuscates the Javascript for everyone. Should that not be an option, since WP is opensource?

    Anyway, I am having trouble with swfupload.js on a plugin page, and I can’t really tell which “a” variable is undefined/causing an error amidst the obfuscated code. So I need to figure something out. Thanks.

    PS: First time needing to use WP support. Please make it go well for me so I am not turned off 🙂

Viewing 11 replies - 1 through 11 (of 11 total)
  • wordpress definitely does not obfuscate code and the file swfupload.js isn’t part of wordpress installs
    perhaps it’s a plugin file in whick case wordpress doesn’t control the code

    ^It is part of the media library that allows you to attach images etc. to posts. It is built into the core, media-upload.php etc.

    All of the js files installed by WP are obfuscated. They are compressed to the point they are totally unintelligible… you may draw a distinction, but I don’t.

    A sample of swfupload-all.js:

    // swfupload
    var SWFUpload;if(SWFUpload==undefined){SWFUpload=function(a){this.initSWFUpload(a)}}SWFUpload.prototype.initSWFUpload=function(b){try{this.customSettings={};this.settings=b;this.eventQueue=[];this.movieName="SWFUpload_"+SWFUpload.movieCount++;this.movieElement=null;SWFUpload.instances[this.movieName]=this;this.initSettings();this.loadFlash()}catch(a){delete SWFUpload.instances[this.movieName];throw a}};SWFUpload.instances={};SWFUpload.movieCount=0;SWFUpload.version="2.2.0 2009-03-25";SWFUpload.QUEUE_ERROR={QUEUE_LIMIT_EXCEEDED:-100,

    This is all of the swfupload files packed into one, which is loaded by load-script/s.php. The rest of the file goes on like that… no line breaks.

    ^Yes, obfuscated. You can see easily how the two files differ.

    The second (http://core.trac.wordpress.org/browser/branches/3.2/wp-includes/js/swfupload/swfupload-all.js) is used by WP. So if you want to debug in a browser you are stuck with that. It is a conglomeration of more than just swfupload, therefore you cannot simple replace the files.

    This obfuscation I think is a bad practice. But I would just like a solution. Like how the files are obfuscated, so that they can be disobfuscated at the very least.

    PS: Seeing as browsers download a javascript file and then cache it, WP is not saving anyone much bandwidth at all by obfuscating the source code. It is just making the files opaque / impossible / troublesome to debug or adapt.

    If a blog serving bajillions of readers needs to make the files smaller for every ounce of savings per each of its readers, that should be a plugin.

    EDITED: http://en.wiktionary.org/wiki/obfuscate

    Thanks for the reference, but I wasn’t questioning the meaning of the word “obfuscated” with my excessive punctuation.

    Does this make it any easier (swfupload-all.js) to work with?

    http://pastebin.com/mNQUaKbX

    I’m intrigued. I thought the javascript file was minified:

    http://en.wiktionary.org/wiki/minify

    What are the functional differences between the two files?

    @mick P.

    If you add this to your wp-config.php file during development, WordPress will load .dev versions of the JS for easy debugging

    define('SCRIPT_DEBUG', true);

    @jackson

    That’s what I was looking for. It would be nice if the streamlining was a turn on feature. A good compromise would be to put a comment in the top of the compressed files I think. Still that would not be helpful to non-administrators trying to replicate what their favorite site is up to.

    I noticed in load-scripts you can pass ?c=1 to disable compression for some reason. If there was an analog for undoing the script mangling that would be very handy.

    @mickeyroush

    Minify is a tech word I’ve never stumbled across before. Regardless, minified code is a subset of obfuscated code.

    PS: I don’t think this is a good practice for WP. Bare minimum define(‘SCRIPT_DEBUG’,true); needs to appear in wp-config.php so administrators can be aware of it from day one. It should be uncommented with a comment that says, comment this out to minify js files or whatever. Or an option could alternatively be in the settings pages.

    EDITED: @claytonjames

    I appreciate the effort if you uploaded that code yourself. I think we ultimately found a better solution. But just to be clear, the -all file includes more than the swfupload.js file alone. I’m sorry, I can’t tell off the top of my head if everything is in there. It’s not clearly labeled -all though.

    Minify is a tech word I’ve never stumbled across before.

    Minify is a common term used by WordPress users/developers (and among other CMSs as well).
    http://code.google.com/p/minify/

    Regardless, minified code is a subset of obfuscated code.

    I doubt if most people would agree with you on that.

    I’ve read all of these:
    http://en.wikipedia.org/wiki/Obfuscation
    http://en.wikipedia.org/wiki/Obfuscated_code
    http://en.wikipedia.org/wiki/Minification_%28programming%29

    There seems to be a distinct difference between the terms. That’s why in your post I assumed that you were trying to say that WordPress was trying to obscure code (conceal its purpose).

    I appreciate the effort if you uploaded that code yourself. I think we ultimately found a better solution. But just to be clear, the -all file includes more than the swfupload.js file alone. I’m sorry, I can’t tell off the top of my head if everything is in there. It’s not clearly labeled -all though.

    No effort at all. I just ran it (swfupload-all.js) through a generic decompressor and re-pasted the output to pastebin. Took about 30 seconds total. Glad you found something that works for you!

    define(‘SCRIPT_DEBUG’,true); needs to appear in wp-config.php so administrators can be aware of it from day one.

    That would be a handy feature. It does seem to take a minute or two to find the reference in the Codex. http://codex.wordpress.org/Editing_wp-config.php#Debug

Viewing 11 replies - 1 through 11 (of 11 total)
  • The topic ‘Why/how does WP obfuscate the js include files? Needing to debug/reverse them.’ is closed to new replies.