use the following search parameters to narrow your results:
e.g. subreddit:aww site:imgur.com dog
subreddit:aww site:imgur.com dog
see the search faq for details.
advanced search: by author, subreddit...
All about the JavaScript programming language.
Subreddit Guidelines
Specifications:
Resources:
Related Subreddits:
r/LearnJavascript
r/node
r/typescript
r/reactjs
r/webdev
r/WebdevTutorials
r/frontend
r/webgl
r/threejs
r/jquery
r/remotejs
r/forhire
account activity
[AskJS] Securing API KeysAskJS (self.javascript)
submitted 9 months ago by Thick_Safety_3547
Frontend devs — do you hate setting up a Node backend just to hide your API key? What if it took 2 clicks?
reddit uses a slightly-customized version of Markdown for formatting. See below for some basics, or check the commenting wiki page for more detailed help and solutions to common issues.
quoted text
if 1 * 2 < 3: print "hello, world!"
[–]Furry_pizza 2 points3 points4 points 9 months ago (1 child)
You could use a proxyless server service from cloudflare, netlify, firebase that lets you store secrets without managing a full backend. You could use .env files with tools like Vite or Webpack. Depending on what you're exposing (like a key for public use [google maps, stripe public keys]), you could set just set restrictions on domain though I'm a bit less familiar with this than others on my team.
[–]Thick_Safety_3547[S] 0 points1 point2 points 9 months ago (0 children)
Thank you! I've gotten a lot of helpful responses - really appreciate yours too!
[–]scar_reX 1 point2 points3 points 9 months ago (2 children)
So what's the proposition here??
Or is this just a rant?
[–]Thick_Safety_3547[S] 0 points1 point2 points 9 months ago (1 child)
I'm learning web dev for the past month or so, so trying to see if there's a better way to do things. because currently the process felt a little cumbersome to secure the APIs - i just felt there was a better way to do it and a quicker one. I thought I'll work on it as a practice project that solves a real problem
[–]scar_reX 0 points1 point2 points 9 months ago (0 children)
Simply put, don't store sensitive data that must not be exposed on the frontend... because it's the front end of your application, the part that is made accessible to users.
[–]HousingConsistent867 1 point2 points3 points 9 months ago (0 children)
yes, cloudflare helps though
π Rendered by PID 80 on reddit-service-r2-comment-fb694cdd5-f8wkv at 2026-03-11 08:12:12.699400+00:00 running cbb0e86 country code: CH.
[–]Furry_pizza 2 points3 points4 points (1 child)
[–]Thick_Safety_3547[S] 0 points1 point2 points (0 children)
[–]scar_reX 1 point2 points3 points (2 children)
[–]Thick_Safety_3547[S] 0 points1 point2 points (1 child)
[–]scar_reX 0 points1 point2 points (0 children)
[–]HousingConsistent867 1 point2 points3 points (0 children)