英文:
Is there a way to update the google API key in GoogleService-Info.plist in Flutter
问题
When the app is scanned for vulnerability test, google api keys are visible. Is there any way to secure the app so it passes the PT test.
The app is developed using Flutter.
Thanks in Advance.
英文:
When the app is scanned for vulnerability test, google api keys are visible .Is there any way to secured so the app pass the PT test.
The app is developed using Flutter.
Thanks in Advance.
答案1
得分: 0
这些密钥和标识符不会引起安全问题。在Firebase中,您需要按照Sam Stern在以下回复中指定的规则来设置规则,以限制对数据的访问:
https://groups.google.com/g/firebase-talk/c/EEEwttbpPJU
Plist文件中的项目都不是敏感的,因此您无需担心有人窃取它。确保您的应用程序在所有数据(适用的情况下)上都有属性安全规则,并启用API密钥限制,以防止其他人在其应用程序中使用您的API密钥。
英文:
These keys and identifiers do not represent a security issue. In Firebase you need to set the Rules in order to restrict access to your data as specified by Sam Stern in this reply:
https://groups.google.com/g/firebase-talk/c/EEEwttbpPJU
> None of the items in the plist file is sensitive, so you don't have to
> worry about someone stealing it. Make sure that your app has property
> Security Rules on all data (where applicable) and that you enable API
> key restrictions so that nobody can use your API key in their app.
答案2
得分: 0
我试图隐藏密钥并浪费了我的时间。
现在我更改了google_maps_webservice包。
现在我正在使用google_maps_place_picker_mb包,它像专业人士一样工作。
英文:
I was trying to hide the keys and wasting my time.
Now I change the package google_maps_webservice.
Instead now I am using google_maps_place_picker_mb package and it works like a pro.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论