Visibility of source code and JSON files

Hi there!

I have a question about running Streamlit web apps. For example, if I deploy a Streamlit app on Heroku, my understanding is that the app runs server-side on Heroku, while on the client side, only obfuscated javascript can be inspected via the browser. My web application contains some JSON files that my Python script accesses. My question is: can the user view these JSON files or the Python source code in any way via the browser? Isn’t there theoretically a way to de-obfuscate the obfuscated javascript code that can be viewed in the browser?

Thank you!


In general, no. Streamlit has a server-client structure. It does not take your code and make some equivalent Javascript for the user to run computations in their browser. All the computations are done on the server with whatever you specify for display sent to the browser.

As long as you don’t render the JSON files in some way or put them in the static folder with static hosting enabled, they would not be accessible to your users… same for your source code.

Perfect, Thank you! :smiling_face:

This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.