问题
I have a grails application. In my gsp page when I have the line
<script src="https://maps.googleapis.com/maps/api/js?v=3.exp&libraries=places&key=myKey"></script>
My key is exposed, is there a way to hide this in the gsp? I could restrict the domain for my production, but currently the application is being tested in my local machine alot, and because of that each PC's ip has to be added. I'm assuming there should be a smarter & easier way to handle this.
回答1:
There is no way to hide this line. However, you can restrict the domain which uses the specified key in google api control panel.
Login from here
Click Credentials from left section. Find your key in API KEYS panel.
After That
Choose HTTP referrers (web sites) and enter your domain into textfield and save. Pay attention Google's note below.
Note: It may take up to 5 minutes for settings to take effect
来源:https://stackoverflow.com/questions/39657161/google-places-autocomplete-hide-key