DEV Community

Cover image for Question: How do I deal with environment variables in production?
calebdeji
calebdeji

Posted on

Question: How do I deal with environment variables in production?

So I was checking the source code (in browser) of some of my projects and I discovered that even though I used environment variables to store sensitive information I could still see the values when rendered in the browser, meaning that my values are injected during runtime, hence still makes my projects vulnerable. How do I deal with env variables in production so that no one will see the values when the page source is viewed?

Top comments (2)

Collapse
 
andrisladuzans profile image
Andris Laduzans

in my experience i use netlify, and there is usualy an option to add environment variables via some sort of command after deployment. Same with heroku, and i suppose same should be true for other services aswell.
there are some posts here aswell on this topic
dev.to/fabiorosado/hide-your-api-k...

Some comments may only be visible to logged-in visitors. Sign in to view all comments.