DEV Community

loading...

Discussion on: Firebase Functions: React users need to stop storing sensitive API keys in .env files!

Collapse
mikgross profile image
Mikael

Grabbing API Keys from code hosted publicly shouldn't be an issue. Your rules should guard your databases (Firestore, Firestorage), CORS should guard Auth and Functions.