📜  反应中的环境变量 - 无论代码示例

📅  最后修改于: 2022-03-11 14:58:47.732000             🧑  作者: Mango

代码示例1
WARNING: Do not store any secrets (such as private API keys) in your React
app! (source: https://create-react-app.dev/docs/adding-custom-environment-variables)
Reason: Environment variables are embedded into the build, meaning anyone can view them
by inspecting your app's files.

Unfortunately, keeping any key in your React client, even if you are using 
gitignore and an .env file, is not secure.

Solution: You should really only save API keys or secrets in your backend such 
as Node / Express. You can have your client send a request to your backend API,
which can then make the actual API call with the API key and send the data back
to your client.