Resource sanitization feature allows to sanitize and optionally minify the embedded resources of an assembly. Sanitization removes privacy disclosing information such as comments in XML and JSON files, EXIF tag/thumbnail headers in JPEG and PNG files etc.
Eazfuscator.NET supports a finite set of file types which can be sanitized: XML, XSD, XSLT, JSON, PNG and JPEG. All other file types are ignored and kept intact even when there is a directive that instructs to sanitize them.
Let's take a look on example.
Example 5.6. The original XML file
<request id="1"> <reference>REQ-D2867DBE</reference> <destination>Contoso Headquarters</destination> <!-- For the full list of types see https://example.net/internal/docs/contoso-protocol-doc.html --> <type>43</type> </request>
Example 5.7. The sanitized XML file
<request id="1"> <reference>REQ-D2867DBE</reference> <destination>Contoso Headquarters</destination> <type>43</type> </request>
As you can see, the XML comment was pruned during sanitization.
Instructions on enabling resource sanitization
- Open obfuscatable project inside the IDE
-
Add new source file to the project and
call it
ObfuscationSettings.cs(for C#) orObfuscationSettings.vb(for Visual Basic .NET). You may prefer to use another name instead ofObfuscationSettings.csorObfuscationSettings.vb Fill
ObfuscationSettings.cswith the following content (C#):using System; using System.Reflection; [assembly: Obfuscation(Feature = "sanitize resources", Exclude = false)]
For Visual Basic .NET, fill
ObfuscationSettings.vbwith the following content:Imports System Imports System.Reflection <Assembly: Obfuscation(Feature:="sanitize resources", Exclude:=False)>
Assembly resources are not minified by default. If you want to achieve smaller size and better runtime performance of an output assembly then you may consider to turn on the resource minification.
The exact minification effect depends on a file type. For example, all the redundant whitespaces in .xml files are pruned when minification is on.
Example 5.8. The sanitized XML file
<request id="1"> <reference>REQ-D2867DBE</reference> <destination>Contoso Headquarters</destination> <type>43</type> </request>
Example 5.9. The sanitized and minified XML file
<request id="1"><reference>REQ-D2867DBE</reference><destination>Contoso Headquarters</destination><type>43</type></request>
The [minify] flag turns on the minification when specified, as shown in the sample below:
Example 5.10. Sanitize and minify all resources
using System; using System.Reflection; [assembly: Obfuscation(Feature = "sanitize resources [minify]", Exclude = false)]
Sometimes it may be beneficial to sanitize just some resources while leaving the others intact.
The [exclude] flag can be used in order to do that, as shown in the sample below.
Example 5.11. Sanitize all resources except .png files
using System; using System.Reflection; [assembly: Obfuscation(Feature = "sanitize resources", Exclude = false)] [assembly: Obfuscation(Feature = "sanitize resources [exclude] *.png", Exclude = false)]
It may be profitable to go other way around by explicitly specifying just those resources that should be sanitized. This technique is shown in the sample below.
Example 5.12. Sanitize secret.xml and all .jpg resources; the others are left intact
using System; using System.Reflection; [assembly: Obfuscation(Feature = "sanitize resources secret.xml", Exclude = false)] [assembly: Obfuscation(Feature = "sanitize resources *.jpg", Exclude = false)]
The given options can be combined in a free way giving you the power to choose the best combination. If you are not sure which combination to choose then just go with a simplest one: sanitize all resources. If you know what you are doing then you can end up with something like that:
Example 5.13. Advanced resource sanitization configuration
using System; using System.Reflection; [assembly: Obfuscation(Feature = "sanitize resources", Exclude = false)] [assembly: Obfuscation(Feature = "sanitize resources [exclude] *.png", Exclude = false)] [assembly: Obfuscation(Feature = "sanitize resources [exclude] *.jpg", Exclude = false)] [assembly: Obfuscation(Feature = "sanitize resources [minify] License.xml", Exclude = false)] [assembly: Obfuscation(Feature = "sanitize resources [minify] Help.xml", Exclude = false)]