I want to prevent user from viewing and changing my code. The standard rot13 encoding in StorySettings doesn't work for me because my alphabet is not Latin - this is the error message I get
And besides, I need to encrypt digits and other symbols as well as letters. Any way to add my own encrypting function to the engine? Will just replacing the content of rot13() in engine.js (and keeping the algorithm symmetrical) be enough?
Because the encryption method you decide to use needs to be bi-directional there is actually no way to stop an user from being able to access/copy your story's source code.
On the other hand there are a number of ways something can go wrong with the decoding/decrypting which can cause the story to be unreadable by the user, which is why encoding/encrypting is generally not recommended.
Because TWS files can become corrupted you may want to also implement the decode/decrypt process within the application's Import from Compiled HTML file process (the TiddlyWiki addHtml function so that you can recover your story source code.
There is one more idea: to calculate the checksum of the story and to prevent the story from running if mismatch. Can this be done easily?
can the user overcome the check: yes
The story is a HTML file which can be edited in a Text Editor, so it would be trivial for a user to replace your checksum with their own or to totally remove the check.
Short of converting the HTML file into some type of binary executable there is no meaningful way to protect the code of a web-application because the web-browser needs to be able to parse/process that code.
So, any ideas how to calculate the checksum from within the story?
But then there is the circler issue of then needing to modify the HTML file to insert the CRC32 number generated based on the unmodified HTML file which would then invalidate the CRC32 number.
You could calculate the CRC32 based on some portion of the HTML file, but it would need to be an area that does not change when you modify the HTML to insert the CRC32 number.