Resource Sanitization

Resource sanitization feature allows to sanitize and optionally minify the embedded resources of an assembly. Sanitization removes privacy disclosing information such as comments in XML and JSON files, EXIF tag/thumbnail headers in JPEG and PNG files etc.

Eazfuscator.NET supports a finite set of file types which can be sanitized: XML, XSD, XSLT, JSON, PNG and JPEG. All other file types are ignored and kept intact even when there is a directive that instructs to sanitize them.

Let's take a look on example.

<request id="1">
  <reference>REQ-D2867DBE</reference>
  <destination>Contoso Headquarters</destination>
  <!-- For the full list of types see https://example.net/internal/docs/contoso-protocol-doc.html -->
  <type>43</type>
</request>

<request id="1">
  <reference>REQ-D2867DBE</reference>
  <destination>Contoso Headquarters</destination>
  <type>43</type>
</request>

As you can see, the XML comment was pruned during sanitization.

Assembly resources are not minified by default. If you want to achieve smaller size and better runtime performance of an output assembly then you may consider to turn on the resource minification.

The exact minification effect depends on a file type. For example, all the redundant whitespaces in .xml files are pruned when minification is on.

<request id="1">
  <reference>REQ-D2867DBE</reference>
  <destination>Contoso Headquarters</destination>
  <type>43</type>
</request>

<request id="1"><reference>REQ-D2867DBE</reference><destination>Contoso Headquarters</destination><type>43</type></request>

The [minify] flag turns on the minification when specified, as shown in the sample below:

using System;
using System.Reflection;

[assembly: Obfuscation(Feature = "sanitize resources [minify]", Exclude = false)]

Sometimes it may be beneficial to sanitize just some resources while leaving the others intact. The [exclude] flag can be used in order to do that, as shown in the sample below.

using System;
using System.Reflection;

[assembly: Obfuscation(Feature = "sanitize resources", Exclude = false)]
[assembly: Obfuscation(Feature = "sanitize resources [exclude] *.png", Exclude = false)]

It may be profitable to go other way around by explicitly specifying just those resources that should be sanitized. This technique is shown in the sample below.

using System;
using System.Reflection;

[assembly: Obfuscation(Feature = "sanitize resources secret.xml", Exclude = false)]
[assembly: Obfuscation(Feature = "sanitize resources *.jpg", Exclude = false)]

The given options can be combined in a free way giving you the power to choose the best combination. If you are not sure which combination to choose then just go with a simplest one: sanitize all resources. If you know what you are doing then you can end up with something like that:

using System;
using System.Reflection;

[assembly: Obfuscation(Feature = "sanitize resources", Exclude = false)]
[assembly: Obfuscation(Feature = "sanitize resources [exclude] *.png", Exclude = false)]
[assembly: Obfuscation(Feature = "sanitize resources [exclude] *.jpg", Exclude = false)]
[assembly: Obfuscation(Feature = "sanitize resources [minify] License.xml", Exclude = false)]
[assembly: Obfuscation(Feature = "sanitize resources [minify] Help.xml", Exclude = false)]