Supabase url and anon key exposed
I am a newbie exploring Plasmo for supabase authentication. The public url and anon keys are added in the .env file. On building the file, I find the supabase url and anon keys are exposed in popup.js, which can be traced in Devtool sources. The bad actors may use the url and anonkey to exploit the auth.
What are the best ways to deal with supabase auth without exposing the url and key? Am I missing something?
What are the best ways to deal with supabase auth without exposing the url and key? Am I missing something?
0 Replies