0

$my_env = getenv('API_KEY');

I'm able to retrieve the environmental variable from heroku but now i'm confused on how to implement this variable in my javascript file and assign it to the API Key for firebase real-time database without it being exposed.

KneeHowMa - Technology
  • 51
  • 4
  • 1
    Everything you put into client-side JavaScript code is automatically “exposed”. If this is an API key you are meant to keep a secret - than that also means, you need to make your API calls on the server side. – 04FS Jan 16 '20 at 11:43
  • How would I do that tho? Firebase performs js function such as firebase.initializeApp(firebaseConfig) for running my database. And how would I input that php variable into js code on my client side? – KneeHowMa - Technology Jan 16 '20 at 11:49
  • In case of firebase, “exposing” the API key in client-side code apparently is not an issue - https://stackoverflow.com/questions/37482366/is-it-safe-to-expose-firebase-apikey-to-the-public – 04FS Jan 16 '20 at 11:52
  • _“And how would I input that php variable into js code on my client side?”_ - how to pass a value from PHP to client-side JavaScript, is anything but a new question. Please do some basic research. – 04FS Jan 16 '20 at 11:53

0 Answers0