react-native-google-places-autocomplete icon indicating copy to clipboard operation
react-native-google-places-autocomplete copied to clipboard

Published 20 hours ago verified publisher icon FaridSafi

Question: session IDs and API key security

Open thesanjeevsharma opened this issue 3 years ago • 1 comments

Describe the problem

I want to know 2 things:

  1. Does this package manage session IDs(for low cost) automatically?
  2. This package makes an XHR request, which can be seen by anyone. API KEY will be passed into the request. Is there a way to protect/restrict it?

thesanjeevsharma avatar Mar 08 '22 05:03 thesanjeevsharma

This library is basically unusable as it is since anyone can decompile the app or sniff the requests to obtain API Key and can cost you $$$$$ by using your key, it might be already too late when you realize. You cannot even rotate keys that easily if you just hardcode the keys in your app because it will stop working for old users...

beydogan avatar Jun 29 '23 10:06 beydogan