maybe "safe" is a wrong word because of my english, I'm trying to say, everybody can access your js file, but if you access like this, this is not cool, at least for me.
I lead an independent life based on open source culture. I'm making small improvements with PHP, Python as its software language, and occasionally with React.
some people forgetting private infos in a comment. when they get build they know comments will remove, but not in source maps. so this might be a problem for someone
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
I didn't do what you ask us to do to keep safe, but my codes are already transpiled in the web. Perhaps you can elaborate more on why it is not safe.
because of source map files, if you don't have, then you safe. otherwise look my example that I gave, you will see why you are not safe.
I have looked at your example, the source code can be seen with our naked eyes. Why it is not safe?
maybe "safe" is a wrong word because of my english, I'm trying to say, everybody can access your js file, but if you access like this, this is not cool, at least for me.
example: maybe you are using a paid service and the api key may be clearly visible.
That's not how api key stealing works, it will be bots looking for keywords like fetch. Besides you shouldn't have any secret like api key on your client app like React. Instead, you should build a proxy server with permission only to your app, and that's where you use your api key.
CRA already warn you on this:
create-react-app.dev/docs/adding-c...
Read more here:
stackoverflow.com/questions/468380...
unicorn-utterances.com/posts/keepi...
some people forgetting private infos in a comment. when they get build they know comments will remove, but not in source maps. so this might be a problem for someone