Security News
The Unpaid Backbone of Open Source: Solo Maintainers Face Increasing Security Demands
Solo open source maintainers face burnout and security challenges, with 60% unpaid and 60% considering quitting.
@noscrape/noscrape
Advanced tools
The primary mechanism behind noscrape
is the utilization of any true-type font. From this, noscrape
generates a new version with shuffled unicodes, ensuring that it's impossible to reverse-calculate them. This means that both strings and integers are obfuscated and can only be deciphered using the generated obfuscation-font.
While the glyph-paths inside the font cannot be entirely removed, they are obfuscated by randomly shifting them slightly. This makes it challenging to reverse-calculate them, but it's not entirely impossible, especially for machine learning algorithms. The developers are open to suggestions for improving this aspect.
To install the @noscrape/noscrape
package, simply run the following command in your project directory:
npm install @noscrape/noscrape
const { obfuscate } = require('@noscrape/noscrape');
// Sample object to obfuscate
const object = { title: "noscrape", text: "obfuscation" };
// Server-side obfuscation
const { font, value } = obfuscate(object, 'path/to/your/font.ttf');
<style>
@font-face {
font-family: 'noscrape-obfuscated';
src: url('data:font/truetype;charset=utf-8;base64,${font.toString("base64")}');
}
</style>
The font is delivered in a buffer format. To utilize it in our web pages, we convert it into a base64
URL and embed it within a custom @font-face
declaration. Once this is done, we can display the obfuscated data using the specified font-family
in our styles.
<span style="font-family: noscrape-obfuscated">
<div>{ value.title }</div>
<div>{ value.text }</div>
</span>
Bots might not be able to process obfuscated text, which can lead to unpredictable analytics results. Therefore, it's advised not to use this technology on content that's essential for indexed pages. The obfuscation process takes some time (around 50-60ms on standard machines). For API requests, it's recommended to put the obfuscation logic into a scheduled task and reuse the results, rather than recalculating everything for every request.
noscrape
cannot load the provided font file. Default is false.The developers welcome contributions, issues, and feature requests. If you've used this package and fixed a bug, they encourage you to submit a PR.
The package is licensed under the MIT License by Bernhard Schönberger.
FAQs
protect your content from scraping
The npm package @noscrape/noscrape receives a total of 5 weekly downloads. As such, @noscrape/noscrape popularity was classified as not popular.
We found that @noscrape/noscrape demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Solo open source maintainers face burnout and security challenges, with 60% unpaid and 60% considering quitting.
Security News
License exceptions modify the terms of open source licenses, impacting how software can be used, modified, and distributed. Developers should be aware of the legal implications of these exceptions.
Security News
A developer is accusing Tencent of violating the GPL by modifying a Python utility and changing its license to BSD, highlighting the importance of copyleft compliance.