FirebaseAPIkey公開

... API Key, which can be obtained on the project settings page in your admin console. HTTPS is required. Firebase only responds to encrypted traffic so that ...

2023年9月16日 — I wanted to save some data in Firestore from a JavaScript file in a Firebase Hosting, but I noticed that the API Keys gets exposed, so I wrote a ...

2021年8月12日 — As the API key is publicly exposed, but we can still restrict that API key to some domain or some IP. These API keys are auto-created by ...

2023年3月11日 — Firebase API keys are not a secret. So yes, it is safe to return them in a GET request. However, it is recommended that you secure them.

2016年5月27日 — Firebase-related APIs use API keys only to identify the Firebase project or app, not for authorization to call the API (like some other APIs ...

2019年3月12日 — In a word, yes. As stated by one of the Firebase team engineers, your Firebase API key only identifies your project with Google's servers.

An API key is a unique string that's used to route requests to your Firebase project when interacting with Firebase and Google services.

2016年11月25日 — TL;DR yes, it's fine. The apiKey essentially identifies your Firebase project. It is not a security risk for someone to know it.

The apiKey in this configuration snippet just identifies your Firebase project on the Google servers. It is not a security risk for someone to know it. 為何 ...