I'm making a website and I wanted to use firebase for user registration. In way to configurate firebase, I had to to create some js files with settings to connect to the firebase project. The issue is: if a user connects to "www.myhost.net/firebase.js", he can read all the configuration data. The question is, how do I make the js files unreachable through the links?
Asked
Active
Viewed 23 times
1 Answers
0
You're really asking two questions here.
- Is it safe to have my Firebase configuration public?
- To that, I offer this question: Is it safe to expose Firebase apiKey to the public?
- Can I hide JS files from being viewed/downloaded?
- The short answer is no. If the file is used by your webpage, it must also be publicly accessible.
Niles Tanner
- 3,911
- 2
- 17
- 29