保护 Google Maps JavaScript API 密钥 [英] Protecting Google Maps JavaScript API key
问题描述
我是 JavaScript 新手.我正在使用 Google Maps JavaScript API 在我的网站中包含自动完成功能.代码需要 API 密钥才能执行.
I am new to javascripts. I am using Google Maps JavaScript API to include the Autocomplete functionality in my site. The code demands an API key to perform.
<script src="https://maps.googleapis.com/maps/api/js?key=MY_API_KEY&libraries=places"></script>
我想保护这个 API 密钥,因为它是公开的,任何人都可以在浏览器上使用 view page source
查看我的 javascript 代码.
I want to protect this API key as this is publicly available and anyone canview my javascript code using view page source
on the browser.
我该如何保护这个 API 密钥,使其不被公开看到??
How can I protect this API key so that it can not be seen publicly??
推荐答案
Google 地图有多种 API 密钥.
There are numerous sorts of API keys for Google Maps.
浏览器/Javascript 键旨在用于获取 JS/前端库,可以使用.
Browser / Javascript keys are meant to be used for fetching JS / Frontend libraries and are okay to use.
只需确保您使用的是浏览器密钥,可在此处找到:https://developers.google.com/maps/documentation/javascript/get-api-key
Simply ensure you're using a browser key, found here: https://developers.google.com/maps/documentation/javascript/get-api-key
您可以进一步添加安全限制以防止密钥在其他地方使用.您也可以按域、IP 地址、android、ios 应用进行限制.
You can further add security restrictions to prevent the key from being used elsewhere. You can restrict by domain, ip address, android, ios apps as well.
注意,服务器端的密钥应该是私有的.
Note, server-side keys should be private.
这篇关于保护 Google Maps JavaScript API 密钥的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!