I am trying to retrieve Location Name from latitudes and longitudes in my app. Now is it safe to add my google map api key in the app itself or should i compute the details on the server side.
Will it affect the performance? If yes, how?
Asked
Active
Viewed 208 times
-3
-
possible duplicate of [How to get city name from latitude and longitude coordinates in Google Maps?](http://stackoverflow.com/questions/2296377/how-to-get-city-name-from-latitude-and-longitude-coordinates-in-google-maps) – Anirudh Sharma Aug 03 '15 at 13:11
1 Answers
1
There is a useful article about this that has been written a few days ago.
It shows multiple ways to 'hide' your secret keys and how easily it can be reverse engineered. In the end this is what the author had to say about it:
The best way to protect secrets is to never reveal them. Compartmentalizing sensitive information and operations on your own backend server/service should always be your first choice. If you do have to consider a hiding scheme, you should do so with the realization that you can only make the reverse engineering process harder (i.e. not impossible) and you will add significant complication to the development, testing, and maintenance of your app in doing so.
So basically, if possible it would be best to store your secret key on the server side.
To answer your question about performance: it depends on how you implement it.
If you do a server call every time you need to translate lon/lat, then yes it will probably affect the performance negatively. I think the better solution would be to either do a server call that has your secret key and returns the translated lon/lat. Or you could do a server call when your application starts and keep the secret key in memory. I have no idea if the second solution is secure though.
M3-n50
- 803
- 1
- 13
- 23