After doing a couple of open source Firebase projects (web apps, I mean), I feel like I'm experienced* enough to write this post. So if I say somet...
For further actions, you may consider blocking this person and/or reporting abuse
Even if you don't use Firebase hosting, the config object is still there (in the frontend / client-side/ web browser), just obfuscated.
Yes, and unfortunately developers add unnecessary abstractions to hide, which is sad. I hope this article will help them.
Hi Sarvesh,
Assuming you're using environment variables in CI jobs, it is perfectly abstracted from the public. You need not worry getting them leaked. Its perfectly fine to store it in environment variables.
Hi Sarvesh,
You should try configuring your environment variables like mentioned in the docs (link)
You should also set those environment variables in Vercel (link)
After these steps and double-checking, it will work
Hello
I am working in HTML and Firebase Project
Is it good to add firebase config in index.html (as People can see it ) or add it in JS file
Thanks
Hello Kevin!
Its okay to add it in the HTML files. But since you'll be having JS files, my opinion would be to add it in the JS files.
Enjoy!
You're welcome :)
Hi Sarvesh,
Are you using Next.js or some other framework for your app? It'll be helpful if you tell that.
I am using the firebase config in an extension I am working on. I am not able to store in .env file. I am using the config to generate device ID. Do you think someone can Ddos the extension?