Reputation: 288
How to encrypt some string in JavaScript which is not going to visible on client side?
I have one AWS KEY in my angular js file to upload file to AWS s3 but somehow someone will saw my AWS Key and secret key and it was hacked. so now i want to do some encryption for that string so it is not visible on client side on source file or anywhere else.
Thanks in advance.
i've tried atob() and btoa() but still i dont want to store my original kwy in any variable.
Upvotes: 2
Views: 153
Answers (1)
Reputation:
You can't. Giving client-side code access to your AWS key would require you to make that key available to client-side code, and hence to anyone reading your code. There is no way to distinguish between the two cases.
If you need to allow client-side code to upload files to S3, use presigned URLs to authorize specific uploads. Under no circumstances should you ever give clients access to your AWS key.
Upvotes: 4
Related Questions
- Encrypt and decrypt a string using simple Javascript without using any external library
- How to encrypt or decrypt string in javascript
- JS Encryption w/ HTML
- Creating a signed S3 URL with Javascript
- Encrypted JavaScript
- encrypting string in javascript without external library
- Amazon S3 Client Side Encryption Javascript
- How can I encrypt a string in Javascript and keep it secure?
- Simple JavaScript encryption function
- How to encrypt a value on the client and pass it through a web server without decrypting it