Reputation: 76
is it safe to have 'firebase-messaging-sw.js" in public url
i have setup Firebase Cloud Messaging in the doc it's asked to put the firebase-messaging-sw.js file in the public folder.
Knowing that the latter contains the firebase configuration object which contains the identification keys. AND which is public, "localhost: 3000/firebase-messaging-sw.js" shows all this config. how can i avoid this
Upvotes: 0
Views: 1692
Answers (1)
Reputation: 317312
All of the JavaScript to be executed in the browser in your web project is public. firebase-messaging-sw.js is no different. You can't protect it from view, because if you did somehow, it would no longer be runnable by the browser like all your other code.
If you're worried about your Firebase project API, that's a public piece of information is is not a security issue.
Upvotes: 1
Related Questions
- Is it safe to expose Firebase apiKey to the public?
- What is the use of firebase-messaging-sw.js in firebase web notifications?
- Firebase Cloud messaging NodeJS PROJECT_NOT_PERMITTED
- Firebase messaging warning messages on service worker install process
- Is it safe to include the whole Firebase config file?
- How to update firebase-messaging-sw.js in javascript
- Importance of manifest.json for firebase web push
- Firebase Cloud Messaging without hosting (Web/JavaScript)
- How secure is firebase cloud messaging at client side?
- Is it possible to run firebase messaging in node.js?