Security: API key detected in code

covidwatchorg / portal

Covid Watch Portal web app for diagnosis verification

Apache License 2.0

8 stars 3 forks source link

Security: API key detected in code #368

Closed whaber closed 4 years ago

whaber commented 4 years ago

If this should not be exposed, please change the key and do not place the key in public areas of GitHub.

apiKey - firebase.config.local.js

colbymorrison commented 4 years ago

See the comment at the top of firebase.config.dev.js for an explanation about these Firebase "API keys." If I remember correctly, they are not actually used for authentication and are ok to have in public GitHub.

jcolla-holla commented 4 years ago

Perhaps that same message should be added to firebase.config.local.js and any other locations where a firebase API key is included.