DEV Community

Discussion on: How do you deploy frontend and backend separately?

Collapse
dtinth profile image
Thai Pangsakulyanont • Edited on
  • Most things that runs on client-side can be tampered with, if they so choose to, they could inspect your page (or just look at the network requests) and extract out the API key.

  • If you try out Google APIs, they let you generate a key and restrict it by HTTP Referrer.

  • You can also use Netlify’s proxy to put both the front-end and back-end under the same domain, eliminating problems with CORS.

Collapse
patarapolw profile image
Pacharapol Withayasakpunt Author

Thanks. If it's netlify.toml, it is easy to hide.