Hey,
This particular solution can be very useful in certain use-cases and that was the only purpose of sharing it in a blog post. I may have missed the implementation of env vars in runtime and would love to understand how it is done. If you can share implementation details for that, it would be really enlightening :)
There are no security implications in this approach. Env vars will not solve anything in this case. This is a Frontend application, every line of code including config variables it has is available to any user on the internet.
It is a common error to mess BE (where config is sensible) and FE (where it is not) security approaches.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
This solution can have bad security implications its straight dangerous recommending it in a blog post. This could be solved by using env vars
Hey,
This particular solution can be very useful in certain use-cases and that was the only purpose of sharing it in a blog post. I may have missed the implementation of env vars in runtime and would love to understand how it is done. If you can share implementation details for that, it would be really enlightening :)
freecodecamp.org/news/how-to-imple...
This is of course only one of the implementations, but the idea is there :)
Thanks for sharing. Will surely check and try to implement. 🙌
@ziker22
the link you provided literally has the same solution described here, maybe you misunderstood the concept of runtime config?
There are no security implications in this approach. Env vars will not solve anything in this case. This is a Frontend application, every line of code including config variables it has is available to any user on the internet.
It is a common error to mess BE (where config is sensible) and FE (where it is not) security approaches.