Nuxt.js: Hiding references to __nuxt in the scripts and the template ID
I've been reading the source code and found out that window.__nuxt__ and the id for the App component #__nuxt are hardcoded. For security reasons I would like to hide what technology is powering my site, do you have plans on having those as options or should I work on my own fork?
ederchrono
All 7 comments
Also, I would like to have the data passed to window.__NUXT__={...} obfuscated. My store includes details about roles/permissions, basic user information, etc.
It doesn't need to be cryptographically encoded, but maybe base64/62 encoded (as savvy users could just inspect the instances via dev tools). But not having it in plaintext would be a bonus.
Maybe something like:
window.__NUXT__ = stateParser(".....")
Where stateParser decodes the string and then JSON parses it
Or incorporate the de-obfuscation into the part of Nuxt that checks the window.__NUXT__ variable (i.e. if a string, try and decode it)
It could then be made into an optional build flag to either obfuscate or not.
tmorehouse
on 6 Oct 2017
I will take a look at this soon.
dsandor
on 17 Oct 2017
Any news about this feature?
cubicmaze
on 28 Jan 2018
Would also like to use lz-string or base64 type encoding to obfuscate the json objects
mavrick
on 28 Mar 2018
I have the same question ,how to do with it?
baermowei
on 15 Apr 2018
window.__NUXT__ = stateParser(".....")
I have the same question,how to do whith it?
Which files do I need to modify
hookkent
on 28 Apr 2018
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.
![lock[bot] picture](https://avatars1.githubusercontent.com/in/6672?v=4&s=40)
lock[bot]
on 8 Nov 2018
Related issues
surmon-china
·
3Comments
danieloprado
·
3Comments
vadimsg
·
3Comments
o-alexandrov
·
3Comments
maicong
·
3Comments
Most helpful comment
I will take a look at this soon.