How to extract source code of JavaScript map file exposed to production?

Did you aware of that?

What is exactly is the source map file?

A source map is a file that maps from the transformed source to the original source, enabling the browser to reconstruct the original source and present the reconstructed original in the debugger. To enable the debugger to work with a source map, you must: generate the source map

So for the debugging purpose developers have enabled the below lines

//# sourceMappingURL=http://example.com/build.map

what exactly does webpack do?

PC: Webpack

When we use Webpack, Gulp, or browserify for bundling, transpilation, minification, and uglification.

For Detailed about webpack here: https://github.com/webpack/docs/wiki/usage

Now Let extract the source code from js.map

I have created a simple PHP file for extracting the source code from js.map file

Basically map file holds all files and source-code in JSON Format

Download this gist file (https://gist.github.com/Sturtuk/c74b41506d0ef71630eda2f1eb1adbbd)

rename the file in variable @ $file = ‘main.ff0058ad.js.map’;

I have downloaded from a random website, the map file size was 6mb

run > php your_php.php

See the Magic

Conclusion

Protect your source code and logic from production, Is not easy to copy code from minified files when some Idiot tries to convert

Better Safe Gaurd your Ideas

Secure your source map in production

Finally

You must have found this useful, “Press clap”.