jeffshaver
commented
9 years ago How is Meteor.settings not secure? The only thing that is exposed to the client is anything inside the public key. Everything else is only available on the server?
Open jeffshaver opened 9 years ago
jeffshaver
commented
9 years ago How is Meteor.settings not secure? The only thing that is exposed to the client is anything inside the public key. Everything else is only available on the server?
Needs to be secure, but accessible from both client/server. Stuff like Initiative limit should be there, whether to run in debug or production mode (for mocking data).
We should only be using settings.json for service credential stuff, like Facebook App Id, secrets, AWS, etc.