I have a PHP array with URL's that I would like to keep hidden (or at least more difficult to copy) I need to convert this array to a JS array. Is it possible without writing the items in JS?
So NO like in following example where the URL's can be found in the source...
<?php $arr = array("http://foo.com","http://bar.com","http://baz.com"); ?> <script> var newArr = new Array("<?php echo implode(',' ,$arr); ?>"); </script>
preguntado el 27 de agosto de 11 a las 14:08
Nope. This is not possible without writing the items in JS.
It's not possible to do it without writing the items in JS. However if you are using those variable for validation, you could transfer that validation on the server and use AJAX to call that validation.
If you want one of your system's component not to touch some piece of data, don't give it the data.
However, if the browser cannot have the data, it cannot use it, either. There's a dilemma...
If you want to make the urls unreadable you can encode each character to \xnn escape sequence:
var newArr = [ "\x68\x74\x74\x70\x3a\x2f\x2f\x66\x6f\x6f\x2e\x63\x6f\x6d","\x68\x74\x74\x70\x3a\x2f\x2f\x62\x61\x72\x2e\x63\x6f\x6d","\x68\x74\x74\x70\x3a\x2f\x2f\x62\x61\x7a\x2e\x63\x6f\x6d" ]; alert( newArr );
but will alert
Another way is to make make an ajax call to file which will echo the items.
If you wish more security make 2 GET calls one to get some info, process it with the js and use it at the second call which will get your array. Something like the "obscurity" or "time" method. In theory this will add some protection.
Or as nobody sugiere you can use again the technique with the 2 GETs, and encode and decode dinamically the data in the array. This will add more security.
In PHP, that'd be:
<?php $arr = array('http://[a]', 'http://[b]', 'http://[c]'); echo json_encode($arr);