/

Reserved Names

Protection ID: reservedNames

Reserved Names allows you to specify patterns for identifier names that should be preserved during obfuscation. This ensures that critical functions, variables, and parameters are not renamed, maintaining compatibility with external code and APIs.

This protection is available in all editions of ByteHide Shield.

How It Works

Reserved Names works by defining regular expression patterns that identify which identifiers should be exempt from renaming during the obfuscation process. When an identifier matches any of the patterns in your reserved names list, ByteHide Shield will preserve its original name instead of transforming it.

This is particularly important for preserving:

  1. External API calls and interfaces
  2. Function names that are referenced by external code
  3. Event handlers that are bound by name
  4. Properties accessed via string literals
  5. Global identifiers required for proper application functionality

By carefully configuring reserved names, you can ensure robust obfuscation while maintaining all necessary external compatibility.

Parameters

  • Patterns string[] : An array of regular expression patterns for names that should not be renamed. [] (empty array) by default

Patterns are tested against identifier names as JavaScript regular expressions. Prefix patterns with ^ to match the beginning of identifiers and use $ to match the end.

Configuration Examples

Basic Configuration (shield.config.json)

{
  "reservedNames": ["^jQuery", "^\\$", "^angular"]
}

Advanced Configuration

{
  "identifierNamesGenerator": "hexadecimal",
  "renameGlobals": true,
  "reservedNames": [
    "^_",
    "^\\$",
    "^jQuery",
    "^React$",
    "^Component$",
    "^render$",
    "Handler$",
    "^on[A-Z]",
    "^(data|aria)-"
  ]
}

Build Tool Integration (Webpack)

// webpack.config.js
const ByteHideShieldPlugin = require('@bytehide/webpack-shield');

module.exports = {
  // ... other webpack config
  plugins: [
    new ByteHideShieldPlugin({
      projectToken: 'your-project-token',
      config: {
        identifierNamesGenerator: "hexadecimal",
        reservedNames: ["^\\$", "^_", "^on[A-Z]"]
      }
    })
  ]
}

Usage Examples

Preserving jQuery and Event Handlers

// Original code
function setupEventHandlers() {
  jQuery('#submit-button').on('click', onSubmitClick);
  $('#cancel-button').on('click', onCancelClick);
  
  $('.form-input').on('change', function handleInputChange(e) {
    validateInput(e.target);
  });
}

function onSubmitClick(e) {
  // Handle submit click
  submitForm();
}

function onCancelClick(e) {
  // Handle cancel click
  resetForm();
}

To properly obfuscate this code while maintaining functionality, use these reserved names:

{
  "reservedNames": ["^jQuery", "^\\$", "^on[A-Z][a-zA-Z]+$"]
}

After obfuscation, the code might look like:

function _0x4f3a12() {
  jQuery('#submit-button').on('click', onSubmitClick);
  $('#cancel-button').on('click', onCancelClick);
  
  $('.form-input').on('change', function _0x5e2b34(_0x3a7df1) {
    _0x2e7c63(_0x3a7df1.target);
  });
}

function onSubmitClick(_0x17e9b3) {
  // Handle submit click
  _0x38a2f7();
}

function onCancelClick(_0x29f7e2) {
  // Handle cancel click
  _0x4b75a3();
}

Notice how jQuery, $, onSubmitClick, and onCancelClick were preserved, while other identifiers were obfuscated.

Common Patterns to Reserve

Here are some common patterns you might want to include in your reserved names:

  • Framework-specific: "^React", "^Vue", "^angular", "^\\$", "^jQuery"
  • Event handlers: "^on[A-Z]", "Handler$", "Listener$"
  • Special variables: "^_", "^__", "process$", "^global$"
  • DOM attributes: "^(data|aria)-"
  • Test hooks: "TestId$", "^test[A-Z]"
  • Common globals: "^document$", "^window$", "^console$", "^localStorage$"

When to Use

Reserved Names should be used whenever you're obfuscating code that:

  • Interfaces with external libraries: When your code calls external libraries by name
  • Uses DOM event binding: Event handlers that are referenced by string names
  • Exposes public APIs: Functions and methods meant to be called by external code
  • Uses reflection: Code that references other parts of itself by name
  • Has globally required names: Identifiers that must maintain their original names

For optimal results:

  1. Start with a minimal set of reserved names
  2. Test thoroughly after obfuscation
  3. Add patterns only when necessary to fix specific issues
  4. Be as specific as possible with patterns to maximize obfuscation

Compatibility Notes

Reserved Names has the following compatibility considerations:

  • Pattern specificity: Overly broad patterns can reduce obfuscation effectiveness
  • Performance impact: None; this only affects the obfuscation process, not runtime code
  • Regular expression syntax: Uses JavaScript regular expression syntax
  • Case sensitivity: Patterns are case-sensitive by default

Be careful not to over-reserve names. Each pattern you add reduces the effectiveness of identifier renaming protection. Always use the most specific patterns possible.

Reserved Names is typically used alongside these protections:

Previous
Exclusions
Next
Reserved Strings