Cia Guiseppe, and thank you for share your knowledge with us.
Two questions/points:
1/ you can share your dotenv content to frontend side by webpack, correct (even if it seems to be considered as a bad practice) ? You didn't talk about that. Can you develop on this point ?
2/ How to handle real variable environment from .env file the best way ? (use case is about to protect key code or any other sugar strings or private datas, but also to handle a variable environment who can change depend of your distribution to install the source code on).
Hi Jérôme,
thank you for you comment. You're right: you shouldn't expose your sensible info (API users, tokens, passwords and so on). This is meant only for sharing silly information and to avoid some harcoded values related to specific envs.
But I'd say yes: is not definitely a best practice to share everything, because being a front end stuff everybody could easily get those info. So I'd suggest to put your private datas one the server side, for sure.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Cia Guiseppe, and thank you for share your knowledge with us.
Two questions/points:
1/ you can share your dotenv content to frontend side by webpack, correct (even if it seems to be considered as a bad practice) ? You didn't talk about that. Can you develop on this point ?
2/ How to handle real variable environment from .env file the best way ? (use case is about to protect key code or any other sugar strings or private datas, but also to handle a variable environment who can change depend of your distribution to install the source code on).
Hi Jérôme,
thank you for you comment. You're right: you shouldn't expose your sensible info (API users, tokens, passwords and so on). This is meant only for sharing silly information and to avoid some harcoded values related to specific envs.
But I'd say yes: is not definitely a best practice to share everything, because being a front end stuff everybody could easily get those info. So I'd suggest to put your private datas one the server side, for sure.