How to protect the source code of Flutter Web deployed to Firebase Hosting?

Question

I made a Flutter Website and I deployed to Firebase Hosting, if I inspect the page on Google Chrome, in "Sources" tab it's possible get the source code of the website.

Is there any way to protect the source code, not having the entire code exposed like this?

Answer 1

If you look at the source file you will see that it is compiled/minified.

// snippet
var r
var q=d
try{if(a[b]===s){r=a[b]=q
r=a[b]=d()}else r=a[b]}finally{if(r===q)a[b]=null
a[c]=function(){return this[b]}}return r}}function lazy(a,b,c,d){var s=a
a[b]=s

What you are seeing are the sourcemaps which show a developer friendly view of the compiled/minified code. I don't see any options for turning sourcemaps off.

Something to keep in mind is that you are shipping a client side app. Once code is on other computers there is not much you can do to prevent them from reverse engineering it.

Answer 2

As described in this page, you need to build your web app using the flutter build web command, then deploy what you find in the ./build/web folder, to Firebase.

Answer 3

It seems that your are hosting your entire app directory. You need to build your website with 'flutter build web'. Then 'firebase deploy' the build/web directory. You need to specify in your firebase.json at the route of the project :

{
  "hosting": {
    "site": "YOUR_WEBSITE_NAME",
    "public": "build/web/",
    "ignore": [
      "firebase.json",
      "**/.*",
      "**/node_modules/**"
    ]
  }
}