Obfuscate data sent from dash server?

Dash Python
1

Hi all. Is there any way to “obfuscate” the data being sent from the server to the client with a dash app? From what I can tell, the data sent to the client is always the “raw data”. The client can immediately graph the data with no processing on that data.

When I view the network tab on my browser, whenever I make a data selection with the client, I can see the raw data being returned:

{
    "multi": true,
    "response": {
        "line-plot": {
            "figure": {
                "data": [
                    {
                        "x": [
                            "1",
                            "2",
                            "3"
                        ],
                        "y": [
                            # raw data is below, easy to scrape
                            1086.0,
                            1087.0,
                            1081.0
                        ],
                        "type": "line",
                        "name": "Dataset1"
                    }
                ],
                "layout": {
                    [...]
                }
            }
        }
    }
}

Any ideas on how to obfuscate the data returned from the server? Such that the client has to do a little processing of the data returned from the server to plot it? I don’t need a lot of obfuscation. Just enough to make it a bit of a hassle to “scrape” my dataset that I am trying to let others visualize.

Thanks in advance!

1 Like
2

Hello @mattpopovich,

Welcome to the community!

While yes, it is possible to do something like encrypt this, if the decrypting always happens on the clientside then the user can always enact the function that you use to decrypt.

With that being said, you could create a chained callback, one where it returns the encrypted data to a dcc.Store, and then a clientside callback that takes the dcc.Store data and decrypts it, return the figure to the figure.

A clientside callback is a little harder to trace without understanding all the workings of dash. To do this, you would have another store that would also house the encrypting/decrypting key.

All of the stores should exist in memory, and could be just a regular uuid provided by the python side each time the user refreshes the app, thus it cannot be guessed. Stores that are in memory are again, a lot harder to find.