Supabase + Chrome storage question
Hi all, new to Plasmo and discord π
Just curious, I've been using the supabase starter and am curious:
When creating the supabase client, is it storing the auth tokens (refresh and session) within chrome.storage and NOT local or session storage by default? If that's true, does that make it secure from xss in a way it might not if stored in local storage directly?
thanks in advance!
1 Reply
supabase provides two keys, you can use the client installation package of supabase. But by using the server-side key, you can bypass the permission logic. Be careful not to leak the keys