I am developing my web application with angularjs, previously I worked with angularjs on Ionic. In the mobile applications I used an encryption plugin that impeded being able to see the source code and with that I passed security. However, this time I'm in a web development with angularjs and only with "See source code", I can access constants, controllers, etc etc.
My query is as follows: How can I add security to my application files?
Although there is no way to hide the script because it loads in the browser what makes it public, what you can do is obfuscate it by making the code almost impossible to read.
There are tools like javascriptobfuscator that can help you. The only thing you have to keep in mind is that obfuscation can make your code a bit slower because it modifies your code.
Since you are using angle, it is good to note that you have to make sure to define the dependencies as an array, not as parameters. For example, if you obfuscate the following code, it will throw you an error:
app.controller("ctrl",function($scope, $http)){
// codigo
})
You will fail because the obfuscation will change the name of $scope to __b , for example, so angular can not find that dependency and will throw an error. Using the array syntax will work well:
app.controller("ctrl",['$scope', '$http', function($scope, $http)){
// codigo
}])
Now it will work for you because angular knows which dependency to inject based on the names of the array.