I have learned a bit of webGL, using three.js mainly. I load .obj files and I draw them in 3D.
I have put my project online under something like : www.mydomain
I don't mind people looking at my source code through their browser, but the .obj files I'm showing are from someone who does not want to give them away.
I'm a total newbie concerning this.
As my source code is available to everyone I'm guessing that the .obj files are also available to everyone. So is it possible to hide or secure them so that nobody can download them ?
I have learned a bit of webGL, using three.js mainly. I load .obj files and I draw them in 3D.
I have put my project online under something like : www.mydomain.
I don't mind people looking at my source code through their browser, but the .obj files I'm showing are from someone who does not want to give them away.
I'm a total newbie concerning this.
As my source code is available to everyone I'm guessing that the .obj files are also available to everyone. So is it possible to hide or secure them so that nobody can download them ?
Share Improve this question asked Jan 2, 2013 at 8:55 mthpvgmthpvg 3,8093 gold badges27 silver badges35 bronze badges 2- 3 No, because when you get these files to draw them they already are downloaded to the client machine... – 11684 Commented Jan 2, 2013 at 8:57
- 1 Your only chance is probably obfuscation etcetera. – 11684 Commented Jan 2, 2013 at 8:58
4 Answers
Reset to default 8I'm pretty sure you can not secure any files if you want to access and use them in Javascript / WebGL. They need to be parsed into a usable format at some point for the browser/javascript to be able to display them. You have two options:
1) Obfuscation. I don't think this is very good option, as in the end someone can always use Firebug and other tools to access somewhat useful representation of your files. You can make it a bit less easy to do by encrypting or scrambling data server-side, and reconstructing stuff in Javascript. Or just using unconventional ways to load and represent files.
You can also do some decoding / decrypting in shader code which would be one step harder to steal. But that probably applies to textures only.
2) Make the files less useful. For someone to reuse your OBJ files, they probably want to import the models to software of their choice and do something. You can not prevent that but you can strip the files of extra information that makes the files easier to work with. This will make files less desirable for any potential thieves.
I do it for pletely different reasons, but my main use of WebGL involves exporting models from Sketchup to Collada, and displaying them in WebGL. My export code does some things, which as a side-effect make the exported model a pain to work with. This include making all ponent instances unique (de-instancing?), exploding all ponents and groups to plain geometry, triangulating all faces, deleting hidden geometry etc.
Would be a PITA to bring that back to Sketchup for editing without the original file... specially because the models I work with, by nature heavily depend on ponent and group instancing. But still, nothing prevents someone from stealing the geometry "as is".
If someone is dowloadable to the browser then it is at the user's puter.
You can make reading files more difficult, but it will only slow down grabbing the .obj data. If someone wants to do it then he/she can eventually do it. The decryption key must be always on the client puter. So you can only slowdown the process. So the question bees "How difficult and how plex you want to make your .obj reading code and is it worth of the effort?" Simply by adding one extra byte at the beginning of the file is probably enough to make the files not to open as is in the modelling software.
I suggest you educate your someone how internet works and simply say it is not possible or worth of trying to do it and save yourself of ing up with homebrew implementations how to make data reading more difficult.
See the other answers but this is not unique to WebGL. ANY program in ANY language has this issue. Once the data is on the user's puter, phone, etc people can get the data. Examples:
- reading an iOS app's data
- reading a native PC app's data
On the other hand you can follow the techniques mentioned above. Use your own format. Massage the data so it's best for rendering which usually makes it bad for editing.
Also you can of course make your files require someone login to your website to read them in the first place similar to they way gmail, facebook, google docs etc require you to login. That won't prevent them from getting the files once they've signed up but. You can also setup your server so only your app can download the files. Again that won't prevent the user from getting the files once your app has downloaded them (or they've injected JavaScript through a browser extension) but it will prevent your bandwidth being stolen from other sites directly linking to your data.
You'd have to do some sort of server side rendering and then stream it to the user.