保护Google Maps JavaScript API密钥 [英] Protecting Google Maps JavaScript API key
问题描述
我是javascript新手.我正在使用Google Maps JavaScript API在我的网站中包括自动完成功能.该代码需要执行API密钥.
I am new to javascripts. I am using Google Maps JavaScript API to include the Autocomplete functionality in my site. The code demands an API key to perform.
<script src="https://maps.googleapis.com/maps/api/js?key=MY_API_KEY&libraries=places"></script>
我想保护此API密钥,因为它是公开可用的,任何人都可以使用view page source
在浏览器上查看我的javascript代码.
I want to protect this API key as this is publicly available and anyone canview my javascript code using view page source
on the browser.
如何保护此API密钥,以使其无法公开显示?
How can I protect this API key so that it can not be seen publicly??
推荐答案
Google地图有多种API密钥.
There are numerous sorts of API keys for Google Maps.
浏览器/Javascript键旨在用于获取JS/Frontend库,并且可以使用.
Browser / Javascript keys are meant to be used for fetching JS / Frontend libraries and are okay to use.
只需确保您使用的浏览器密钥即可在以下位置找到: https://developers.google.com/maps/documentation/javascript/get-api-key
Simply ensure you're using a browser key, found here: https://developers.google.com/maps/documentation/javascript/get-api-key
您可以进一步添加安全限制,以防止密钥在其他地方使用.您还可以按域,IP地址,Android,iOS应用程序进行限制.
You can further add security restrictions to prevent the key from being used elsewhere. You can restrict by domain, ip address, android, ios apps as well.
请注意,服务器端密钥应为私钥.
Note, server-side keys should be private.
这篇关于保护Google Maps JavaScript API密钥的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!