Hey! In this video, We discuss important updates on securing API keys in browser extensions, particularly for Chrome. I highlight the risks of exposing API keys in your extension's source code and provide best practices for avoiding these pitfalls. I recommend using a separate server to handle API calls securely, ensuring that keys never touch the extension's code. Please make sure to implement these strategies if you're developing an extension, and feel free to reach out with any questions! You can find links below to the original video mentioned.
LINKS
- Original video: https://www.youtube.com/watch?v=EZlkm65fu48
- Inbox SDK: https://www.inboxsdk.com/
CHAPTERS
00:00 Introduction to API Security
02:00 Using a Separate Server
03:20 Verifying User Requests
05:00 Final Thoughts and Q&A
https://rustyextensions.com/academy Get access to my Browser Extension Academy today!
FIND ME ONLINE:
📨 Sign up to my email newsletter - https://rustyzone.substack.com
🌍 My website / blog - https://russellr.co.uk
🐦 Twitter - https://twitter.com/russellbarnard
📺 Subscribe - https://www.youtube.com/channel/UC-h4Q0_5zTX66AxJucRmxRQ?sub_confirmation=1
RECORDED WITH:
Screen Studio: https://links.rustyextensions.com/screenstudio
Riverside: https://www.riverside.fm/?utm_source=rewardful&via=rz