JsxBlindLib.jsxinc offers a fully redesigned version of JsxBlind's original algorithm. Historical details about the one and only jsxbin obfuscator available today—why you need it and how it basically works—can be found in my original post.

The mechanism is unchanged but the code required a new approach. First, some developers reported that the previous version may throw a stack overrun error in complex scripts relying on deeply nested function calls. Indeed, in its primary implementation JsxBlind had a recursive parser causing the call stack to overheat during data scanning. Since many of my colleagues—just like me!—can submit 500KB or larger files to the jammer, removing recursion was a pivotal step in maintaining this tool.

Also, JsxBlind wasn't part of IdExtenso until now. This annoyed me because I had to keep in parallel multiple routines which are now much better implemented and structured within the framework.

Finally, although the core algorithm cannot be disclosed, some developers expressed the very legitimate need to take more control over the API. Since IdExtenso has been thought for sharing common scripting tools and features throughout a consistent flow, I decided to port JsxBlind into the framework while keeping its neuralgic process hidden. (By “hidden” I mean of course “blinded”.)


JsxBlindLib.jsxinc is delivered as a MODULE in IdExtenso. Although it includes two encrypted submodules ($$.JsxBin and $$.JsxBin.Scrambler), it exposes its own API in clear. You will invoke the main function through $$.JsxBlindLib.run(...), a method that also provides interesting I/O options.

For your information, the scrambler component is the place where jsxbin identifiers, scanned from your input stream, are transformed into random tokens based on weird characters that sill perfectly operate at a syntactic level. The Scrambler produces an output string aimed to replace your original jsxbin. It has exactly the same size, the same taste and the same behavior, but you can be confident that it will seriously baffle hackers if they try to decode it back into JSX.

An example of obfuscated code.

Note. — Behind the scene the Scrambler actually interacts with $$.JsxBin, a deeper module that implements the scanning stage (and nothing more.) As it is decoupled from higher stuff, it might be integrated in other jsxbin components in the future.

Using the Library

You have first to #include JsxBlindLib.jsxinc at the beginning of your client ExtendScript code, with or without InDesign being active. This loads the core features of IdExtenso and makes JsxBlind available from a single functional object: $$.JsxBlindLib.

To run it, just call $$.JsxBlindLib(bin, options). This is equivalent to the longhand syntax $$.JsxBlindLib.run(...). The first expected argument is the jsxbin stream, either provided as a string or a File. (If it is missing, the user is invited to select a File.) JsxBlind is smart enough to scan either pure jsxbin export (from ESTK) or embedded jsxbin string nested in eval("..."). It also takes care of PROLOG and EPILOG parts that may appear in the JSX wrapper.

The second argument, optional, is a set of options (i.e, an Object) that controls both I/O parameters (preferred folder, progress callback, progress call frequency, report option…) and advanced settings related to the inner process. You'll find all detail on those parameters in the source code.

Now here are the options of greatest interest:

OPTION (KEY) TYPE DESCRIPTION
.hitFuncNames Boolean (Default: false.) Whether the Scrambler is intended to alter FUNCTION NAMES as well as regular identifiers. By 'regular identifier' we refer to either a variable name, a constant name, or a function parameter. (The names of object properties or methods are not regular identifiers.)
.whiteList RegExp (Opt.) Regular expression capturing whitelisted tokens, that is, a special set of strings that JsxBlind is explicitly allowed to transform even if such strings do not reflect a regular identifier. For example, a custom object property or method name, like MY_KEY in syntax like obj.MY_KEY. Example: options.whiteList = /^MY_KEY$/
.blackList RegExp (Opt.) Regular expression capturing blacklisted tokens, that is, a set of strings that JsxBlind is told to keep unaltered. For example, you may allow the scrambler to alter function names EXCEPT $$ and MyFunc. For such purpose, use options.blackList = /^\$\$|MyFunc$/

JavaScript reserved words always supersede the whiteList option (so you cannot allow, say while or return to be changed!), but the whiteList option has priority over the blackList option in case of conflict. So, use these settings with caution! If your script doesn't work once “blinded”, there is good chance that either hitFuncNames or whiteList gave too much permissions to the tool.

Additional public methods — getTiming(), getInputURI(), getReport() — are documented in the code. Give a look at the demo script /tests/UseJsxBlindLib.jsx for a detailed example.

• GitHub's link to the library:
github.com/indiscripts/IdExtenso/blob/master/tools/JsxBlindLib.jsxinc


The standalone version which you can download from this server simply allows to scramble a jsxbin file based on default options. It doesn't require to have IdExtenso installed on your disk (because all needed code is embedded in it), but it provides no advanced features.