red-gold / react-social-network

Simple React Social Network
https://medium.com/@qolzam/create-social-network-by-react-js-fe60010a32e6
MIT License

[Question] Environment file is visible in both production and development #77

Closed KaMeHb-UA closed 6 years ago

KaMeHb-UA commented 6 years ago

Is it normal that I can see my apiKey (both in production and in dev envs)? Is this not secret? [Screenshot: deepinscreenshot_20180803101444] If it is normal, what rules need to be configured in Firebase? For my purposes I need to generate a secret access token for the user and save it to Firebase. But... it will be readable by anyone with my apiKey, won't it? So what can I do in this situation?

Qolzam commented 6 years ago

Thanks for reporting. Sure it's not normal. I will investigate in a few days. Please set a clear title to show the content briefly. Thanks again!

KaMeHb-UA commented 6 years ago

Screen is provided from production build

Qolzam commented 6 years ago

Please pull the new change and try again. Let me know if there is any issue. Thanks!

KaMeHb-UA commented 6 years ago

I've pulled your commit. But the env files still exist in the service worker. Then I cleared both the browser and service worker caches, and they appeared in /static/js/config again (production build).

Qolzam commented 6 years ago

I have tested, but I only see the compiled file. Can you send me the steps you are doing for the production build?

KaMeHb-UA commented 6 years ago

Yeah, of course! I've done the following:

  1. Pulled the latest commit from https://github.com/Qolzam/react-social-network.git `next`
  2. Merged `next` with my own tree
  3. Created a production build with `yarn build`
  4. Launched the app with `serve -s build`
  5. Looked at the Sources tab in Chrome Dev Tools
  6. Saw only the built page
  7. Looked at the service worker files
  8. Found the env files
  9. Cleared the service worker resources with the Clear Service Worker extension
  10. Cleared the browser cache in the history tab
  11. Reloaded the page
  12. Found the env files in the Sources tab

Qolzam commented 6 years ago

Thanks a lot. Not sure why I see something different, but I found the reason. The source map files appear in Chrome, so you can see all the source files. Here is the good discussion about this situation. So I am going to close this issue, but let me know if you have any questions. Thanks again!

KaMeHb-UA commented 6 years ago

So what to do? How about security? Base will be open for anyone?

Qolzam commented 6 years ago

Please read the discussion in detail. There are enough solutions for you to remove the source map files.

KaMeHb-UA commented 6 years ago

Yeah, I've read the discussion but forgot to remove the comment. Thanks a lot!