How protect chrome extension

Question

Chrome extension is packed to zip archive. After setup it is installed on folder and user can access to it. Also he can rewrite extension and even clone to new extension.

<

Answer 1

Currently there is no way you can hide your Chrome extension source code from users or competitors.

There is a statement in Chrome web store faq:

Can I sell extensions in the store? Not yet, but this functionality is coming soon.

You may wait for this feature or try the following alternatives:

• Obfuscate your Javascript source: Check this for more details How can I obfuscate (protect) JavaScript?

• Keep your key logic on a remote server and make Ajax calls from the background script to communicate to the server

Chrome extensions are free from 'same origin policy' if cross-origin permission is defined in the manifest:

Regular web pages can use the XMLHttpRequest object to send and receive data from remote servers, but they're limited by the same origin policy. Extensions aren't so limited. An extension can talk to remote servers outside of its origin, as long as it first requests cross-origin permissions.

Define the following in your manifest:

{
    "name": "your extension",
    ...
    "permissions": [
        "http://www.yourserver.com/"
    ],
    ...
}