Security News
The Unpaid Backbone of Open Source: Solo Maintainers Face Increasing Security Demands
Solo open source maintainers face burnout and security challenges, with 60% unpaid and 60% considering quitting.
@noscrape/noscrape
Advanced tools
The primary mechanism behind noscrape
is the utilization of any true-type font. From this, noscrape
generates a new version with shuffled unicodes, ensuring that it's impossible to reverse-calculate them. This means that both strings and integers are obfuscated and can only be deciphered using the generated obfuscation-font.
While the glyph-paths inside the font cannot be entirely removed, they are obfuscated by randomly shifting them slightly. This makes it challenging to reverse-calculate them, but it's not entirely impossible, especially for machine learning algorithms. The developers are open to suggestions for improving this aspect.
In an era where artificial intelligence is becoming increasingly integral to our daily lives, it's important to remember that AI thrives on data, and your data is a valuable commodity that shouldn't be given away lightly.
noscrape
on your website to protect against web scrapers. This can be particularly useful for content
that is unique to your site, so you wish to prevent it from being copied or used without permission. noscrape
to obfuscate sensitive information such as personal identifiers, financial details, or confidential
text in a way that is visually accessible but protected against scraping and automated data extraction tools.
noscrape
it makes no sense to scrape them and one can reduce the number of bot
interactions and so to lower costs at the end.
noscrape
can be used to
display information in a secure manner.
To install the @noscrape/noscrape
package, simply run the following command in your project directory:
npm install @noscrape/noscrape
const { Noscrape } = require('@noscrape/noscrape');
// create noscrape instance
const noscrape = new Noscrape('path/to/font.ttf', { options })
// obfuscate data
const number = noscrape.obfuscate(123);
const string = noscrape.obfuscate("noscrape");
const object = noscrape.obfuscate({ title: "noscrape", text: "obfuscation" });
// generate obfuscation font buffer after all obfuscation is done
const font = noscrape.getFont();
then provide font
and data
to the client/frontend
<style>
@font-face {
font-family: 'noscrape-obfuscated';
src: url('data:font/truetype;charset=utf-8;base64,${font.toString("base64")}');
}
</style>
The font is delivered in a buffer format. To utilize it in our web pages, we convert it into a base64
URL and embed it within a custom @font-face
declaration. Once this is done, we can display the obfuscated data using the specified font-family
in our styles.
<span style="font-family: noscrape-obfuscated">
<div>{ object.title }</div>
<div>{ object.text }</div>
</span>
Bots might not be able to process obfuscated text, which can lead to unpredictable analytics results. Therefore, it's advised not to use this technology on content that's essential for indexed pages. The obfuscation process takes some time (around 50-60ms on standard machines). For API requests, it's recommended to put the obfuscation logic into a scheduled task and reuse the results, rather than recalculating everything for every request.
Strength (obfuscation strength multiplier)
Default is 1. Values below 0.1 are not recommended as paths can be easily reverse-calculated.
Values over 10 might not look visually appealing.
Character Range
This defines the character range used for encryption. Options include:
Low Memory
This option is for situations with limited memory where noscrape
cannot load the provided font file.
Default is false.
The developers welcome contributions, issues, and feature requests. If you've used this package and fixed a bug, they encourage you to submit a PR.
The package is licensed under the MIT License by Bernhard Schönberger.
FAQs
protect your content from scraping
We found that @noscrape/noscrape demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Solo open source maintainers face burnout and security challenges, with 60% unpaid and 60% considering quitting.
Security News
License exceptions modify the terms of open source licenses, impacting how software can be used, modified, and distributed. Developers should be aware of the legal implications of these exceptions.
Security News
A developer is accusing Tencent of violating the GPL by modifying a Python utility and changing its license to BSD, highlighting the importance of copyleft compliance.