Reputation: 601
apps-scripts: remote database password security
I connect to a remote sqlserver database using the jdbc service. My apps script has my password and userid. Is there a security risk involved. I ask because javascript is open to inspection; are app-scripts open to users?
What is the best way to get that secure information into an app?
Upvotes: 2
Views: 1386
Answers (2)
Reputation: 940
Use the UserProperties service. It's values are only available to you and if you decide to make the application multi-user, you could even direct users to store their unique sql username/password in their own UserProperties.
Upvotes: 1
Reputation: 7965
Even hard coded values don't show up in the javascript when rendered by the browser. That is because all the code that you write runs on the server side (except client handlers). However, if you share a script or spreadsheet with the script with another user, the code is visible to the other user.
You can store your username and password in a spreadsheet that only you have access to and read from there during runtime. However, ensure that the script runs under your id (i.e only published as a web app).
Upvotes: 3
Related Questions
- Password Protect Google Apps Script
- Connect to local MySQL database from Google Apps Script
- Google App Scripts won't make a Jdbc connection to MySQL on a remote server
- automated data upload from google doc to MySQL database - how to hide the database credentials in the google script
- Connection to a MS SQL database from Google scripts
- How to securely connect Google Apps Script to Azure SQL Server Database?
- How to connect local SQL server database using Google JDBC
- Google App script and local database connectivity
- Security JDBC and Google Apps Scripts
- Google-Apps-Script Non-Cloud Database Connection Options