This is great and stressful at the same time for some of them. Extensions are usually built with less code and less complexities than full web app. It also means it's easier to copy the code. I'm not saying everything is that way, but it could be the case for some extensions.
This is great and stressful at the same time for some of them. Extensions are usually built with less code and less complexities than full web app. It also means it's easier to copy the code. I'm not saying everything is that way, but it could be the case for some extensions.
Yes a good reason to never keep an API key in your extension source 😃
Same applies to any javascript code that ends up in the browser :)
Yes of course. Unfornutaly most people think of extensions differently and often package their API in the extension.
If I want to write to a database or etc, do I need some middle ware to hide my creds, api keys, etc? How do people solve this problem?
To protect API keys, you want them server-side. I recommend building your own API that wraps other APIS to handle rate limiting to prevent abuse.
Super useful, Tim. Thanks for sharing!
No problem!
https://crxcavator.io/ - if you need to see code of an older version of extensions
also works for delisted extensions
Neat thanks for sharing! Being able to compare older versions of an extension is definitely helpful.