JavaScript Obfuscator

Remove comments, collapse whitespace, and encode string literals to make JavaScript harder to read.

Last updated: May 29, 2026

Remove CommentsMinify WhitespaceEncode String Literals

Original JavaScript

Obfuscated Output

function authenticateUser(username,password){
const secretKey="super-secret-key-123";
const apiEndpoint="https://api.example.com/auth";
if(!username||!password){
throw new Error("Username and password are required");
}
return fetch(apiEndpoint,{
method:"POST",
headers:{"Content-Type":"application/json"},
body:JSON.stringify({username,password,key:secretKey})
}).then(res=>res.json());
}

Input: 537 BOutput: 388 BReduction: 27.7%

Client-Side Processing

Input Data Stays on Device

Instant Local Execution

Find this tool useful? Support the project to keep it free!

Buy me a coffee

What is JavaScript Obfuscator?

JavaScript Obfuscator applies lightweight transformations to make JavaScript source code harder to read without altering its behavior. It removes comments, collapses whitespace, and optionally encodes string literals as hex escape sequences (e.g. "hello" → "\x68\x65\x6c\x6c\x6f"). This is a basic, browser-based obfuscator — for production-grade obfuscation with control flow flattening and identifier mangling, consider tools like the javascript-obfuscator npm package.

How to Use JavaScript Obfuscator

Paste JavaScript into the input.

Choose obfuscation options.

Review the obfuscated output.

Copy or download the result.

Common Use Cases

Quickly stripping comments and whitespace before deploying a script.
Lightly protecting API keys or endpoint strings embedded in client-side JS.
Reducing file size by removing developer comments from production scripts.
Encoding string literals before embedding code in a CMS or email template.

Example Input and Output

A function with comments and readable strings is stripped and minified.

Original JavaScript

// Greet user
function greet(name) {
  const msg = "Hello, " + name;
  return msg;
}

Obfuscated output

function greet(name){const msg="Hello, "+name;return msg;}

Privacy

JavaScript code is processed locally in the browser and is not uploaded.

Frequently Asked Questions

Will obfuscated code still run correctly?

Yes. Comment removal and whitespace minification are safe transformations that do not affect runtime behavior. String encoding also preserves behavior since JavaScript decodes \x escape sequences at parse time.

Does this protect my code from reverse-engineering?

Basic obfuscation makes code harder to read at a glance but is not strong protection. A determined developer can format and read the output. For strong protection, use a production obfuscator with identifier mangling and control flow transformations.

Is my code uploaded anywhere?

No. All processing runs in your browser.

What is string encoding?

String encoding replaces each character in a string literal with its \xNN hex escape. For example "Hi" becomes "\x48\x69". JavaScript evaluates these at parse time, so the runtime value is the original string.

Related Tools

JavaScript Beautifier

Format and beautify minified or messy JavaScript code.

JavaScript Validator

Check JavaScript code for syntax errors instantly — get the error type, message, and line number without running the code.

HTML Minifier

Compress HTML by removing whitespace, comments, and redundant attributes — with size reduction stats.

Code Highlighter

Paste code in JavaScript, TypeScript, Python, HTML, CSS, SQL, JSON, or Bash and get a syntax-highlighted HTML snippet you can embed anywhere. Live preview and copy-ready output.

JavaScript Tester

Run and test JavaScript code directly in your browser — see console.log output, errors, and execution time instantly.

Code to Image Converter

Convert code snippets to beautiful images for sharing.