I started using vue instead of Asp.Net as my client side framework in addition with Firebase Auth for authentication. In all tutorials, they added the firebase auth configuration file to the main.js file.
I am a little bit concerned from a security point of view; since vue is a client-side framework, wouldn't it be possible for someone to access the configuration that is inside main.js which would create a security hole?
Asked
Active
Viewed 13 times
0
Phil
- 157,677
- 23
- 242
- 245
Tom el Safadi
- 6,164
- 5
- 49
- 102
-
_"possible for someone to access the configuration that is inside main.js"_ absolutely, yes. _"which would create a security hole"_ no, the client-side Firebase credentials are not useful to anyone else – Phil Jun 02 '20 at 23:22
-
Indeed, I am not sure how I didn't stumble across that question! Thanks! So I guess it is not a security hole since I limit the IP addresses or domains that have access to Firebase Auth? @Phil – Tom el Safadi Jun 02 '20 at 23:28