devfd / react-native-geocoder

geocoding services for react native
MIT License

Security concern for Google Key #51

Open sandropoluan opened 7 years ago

sandropoluan commented 7 years ago

```javascript
import Geocoder from 'react-native-geocoder';
// simply add your google key
Geocoder.fallbackToGoogle(MY_KEY);
```

Is it safe to put the KEY in a JavaScript file (client side)? Will it not be readable by someone?

sibelius commented 7 years ago

You can use react-native-dotenv and keep your keys outside the code.

brunsy commented 7 years ago

@sandropoluan, the app keys can still be reverse engineered. You will need to design your app with that in mind.

victorbadila commented 7 years ago

To comment on this, I think it is definitely not safe; however, I don't think there is any alternative to this if you want to fall back to the Google API solely from the client app. The fallback thing is optional though, so it is up to each one whether they want to risk exposing their key or not. Would adding this warning to the README.md documentation be enough in order to close this issue?

gareys commented 6 years ago

I know this is stale, but you have to place your API key in the client-side application for the client-side Google Maps API to work. That being said, they allow you to restrict access to IP addresses, referrer URLs and mobile apps. Client-side Maps API keys are everywhere; you just have to restrict access to them appropriately to avoid being exploited. See https://stackoverflow.com/a/39625963/5380634 and https://console.developers.google.com
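
An added example, not part of the thread or of react-native-geocoder: a release check that scans a built JS bundle for Google API key literals, so you can see that a key supplied from an env file still ships in the app and therefore needs the restrictions described above. Assumptions: keys follow the commonly scanned format of `AIza` plus 35 URL-safe characters, the env value is inlined at build time, and `findGoogleKeys`, `redact` and the sample bundle are hypothetical names and constructed data.

```javascript
// Added example: audit a built JS bundle for embedded Google API keys.
// Assumption: keys are "AIza" followed by 35 chars of [0-9A-Za-z_-].
const GOOGLE_KEY_RE = /AIza[0-9A-Za-z_-]{35}/g;

// Show only enough of a key to identify it in a report.
function redact(key) {
  return key.slice(0, 6) + '...' + key.slice(-2);
}

// Return one finding per key occurrence, with its position in the bundle.
function findGoogleKeys(bundleText) {
  const findings = [];
  bundleText.split('\n').forEach((lineText, i) => {
    for (const m of lineText.matchAll(GOOGLE_KEY_RE)) {
      const before = lineText.slice(Math.max(0, m.index - 40), m.index);
      findings.push({
        line: i + 1,
        column: m.index + 1,
        key: redact(m[0]),
        // True when the literal is the argument of the call from this issue.
        fallbackCall: /fallbackToGoogle\(\s*["']$/.test(before),
      });
    }
  });
  return findings;
}

// Constructed sample: a bundle after a build-time env plugin has inlined
// the value. FAKE_KEY is a constructed placeholder, not a real key.
const FAKE_KEY = 'AIza' + 'X'.repeat(35);
const sampleBundle = [
  'var _geocoder = require("react-native-geocoder");',
  '_geocoder.default.fallbackToGoogle("' + FAKE_KEY + '");',
  'var note = "AIza-too-short";', // does not match: fewer than 35 chars
].join('\n');

const report = findGoogleKeys(sampleBundle);
console.log(report);
```

Any finding means the key is recoverable from the shipped app, so treat it as public and rely on the console-side restrictions rather than on hiding it.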