I’m preparing my Webix UI app for production and would like to know the best practices for deployment.
$$('viewId') or other functions to manipulate data directly?$$() in production builds?window.$$ after init cause issues?We’ll wait for the official answer, but it seems to me that anything that runs in browser is accessible via console. Webix is just UI. So the task of securing the app is for the authorization and backend, but changes to the UI, like $$(“someLabelId”).setValue(“haha”) are runnable, those kind of changes you can’t prevent. What you can do, is secure the backend and do not save unwanted changes.
- Would deleting
window.$$after init cause issues?
Most probably yes.
Hello @Supawit_Nu-iat ,
webix.min.js directly in your final build instead of linking it separately. This ensures that both Webix and your application code are bundled together.If you obfuscate only your code and connect Webix separately, you can only connect these two files if you have source maps of its code—and this allows you to completely parse it and kills the idea of hiding everything.
$$() function in production. Doing so can cause issues since it is part of Webix’s public API. Instead, you can obfuscate the function name (e.g., transforming window.$$ into something like window._tr) to make it less recognizable while keeping it functional.Note that while the method will still be accessible, it will not correspond to the public Webix API, adding a layer of obscurity.