I am using the firebase storage and account system in my website. Thats why, I had to put some js codes (include api key). Can I hide this code. Because somebody can hack (create billions accounts or add billions files) my firebase with this api code. Thanks for helping.
Asked
Active
Viewed 1,661 times
1 Answers
3
have a look at this Firecast that was released just yesterday that talks about this topic among other valuable security questions.
https://youtu.be/6sIZvHOEw6Q?t=138
TL;DR There is no reason to try to hide the key (and it's not possible either, since the browser will need it to use Firebase anyways)
hank
- 3,748
- 1
- 24
- 37
-
Whoa, that was a quick downvote, care to explain? – hank Oct 14 '16 at 14:02
-
Note sure why you attracted downvotes. I counter-upvoted, but also closed as a duplicate. – Frank van Puffelen Oct 14 '16 at 14:20
-
Quite ok Frank, was just curious. The Firecast is definitely worth a look for all similar questions however. – hank Oct 14 '16 at 14:42
-
I didn't downvote, but this looks superficially a lot like a link-only answer. It might be better to switch the structure around so that the TL;DR part is the main thing and the video recommendation is a side note. – JJJ Oct 14 '16 at 14:59