Please Like, Share, Subscribe & Comment - it all helps me create more content for you! 👉 My Courses: dannys.link/courses 👉 Download Fudget: www.fudget.com 👉 My VSCode Setup: dannys.link/vscodesetup 👉 DONT CLICK THIS: dannys.link/dontclick
This is a terrific tutorial, I have learned a lot, now I know in order to hide api key from end users we have to put the key in backend route. fand I have successfully built this project with Nuxtjs which we can handle both frontend and backend in a single server. Anyway thank you for this awesome tutrial !!!
This was a really good intro to Vue for me so thanks. But I had to chuckle when you hid your API key by making the call from your server but then set no bounds on its use with CORS headers. Now no one can KNOW your API key, but everyone can write applications to USE it (as long as all they want is to query that API by city name)! :)
Thanks Exequiel. I don't think so, because the api details need to be in the client in order for Firebase to work. This is why it's so important to have very solid security rules in Firebase. 👍
Ok so.. How do you handle this now? Because I get issues with requesting over non-ssl. Like... do I need to make the nodejs/express server publically accessible...or something?
Awsome! As always very informative and an excellent, fast and intelligent way of explaining things. The next question: how to to secure our REST endpoint/s from other praying eyes peeking into Developer Tools? Now it's more insecure than ever I suppose. I'm open for proposals/discussion. Thanks Danny!
Hi Danny, won't you upload videos with Quasar and vue3 ?, next.quasar.dev/. Yesterday I installed it as a plugin in a vue3 project and it worked very well.
It's still unsecure ... But with few extra steps :( ... Now the hackers will abuse my precious APIs more easily (without any key) through my proxy middle API (at backend)
Please Like, Share, Subscribe & Comment - it all helps me create more content for you!
👉 My Courses: dannys.link/courses
👉 Download Fudget: www.fudget.com
👉 My VSCode Setup: dannys.link/vscodesetup
👉 DONT CLICK THIS: dannys.link/dontclick
Very under appreciated channel.
Thanks for all the tips, Danny.
Also the best line: 17:10
Haha thanks 😂
Wow, great topic for every Vue developer. Thank you Danny for another great video.
Thanks Jens!
its so easy to follow. thank you, Danny
Glad it was helpful, Rindi! 👍
This is a terrific tutorial, I have learned a lot, now I know in order to hide api key from end users we have to put the key in backend route. fand I have successfully built this project with Nuxtjs which we can handle both frontend and backend in a single server. Anyway thank you for this awesome tutrial !!!
Thanks Ninja! Yeah I may explore Nuxt in the future!
Thank you Danny, this is exactly what I'm looking for!
Great! 👍
Very well done. Thanks for sharing
No worries, thanks for watching, Carlo!
This was a really good intro to Vue for me so thanks. But I had to chuckle when you hid your API key by making the call from your server but then set no bounds on its use with CORS headers. Now no one can KNOW your API key, but everyone can write applications to USE it (as long as all they want is to query that API by city name)! :)
Good call!
Thanks Danny. Great as usual!!
Cheers Basar!
That's great, Thankyou danny for this amazing video
Thanks Rizwan!
This was exactly what I was looking for. Thanks so much :)
Glad it was helpful Chantel!
28:22 -> what gives people feelings of power? -> predicting a food taste < predicting the Weather < predictng a CORS error in an youtube tutorial
Absolutely 😌
😂
Here goes my Vue hero. Great Video
Hey, thanks João !
Thank you for great content! I like your clear and detailed explanations. 👏
Glad it was helpful Mitja!
Very Useful thanks Sir 🤩🤩
Glad it helped Aldo! 👍
Amazing video. But, how do you protect your backend from someone trying to make requests directly to it instead of using your frontend page?
Thanks. Good question. You might need to add some sort of authentication to the front end 👍
Thanks for the video!
Thanks for commenting Shirou!
awesome as always :-)
Thanks Ranga!
Love ur videos. Its this posible (hide some secrets properties) with a serverles app like the ones with Firebase?
Thanks Exequiel. I don't think so, because the api details need to be in the client in order for Firebase to work. This is why it's so important to have very solid security rules in Firebase. 👍
Thank you sir
My pleasure Enrique!
Thanks for video
My pleasure Mehmet!
Ok so..
How do you handle this now? Because I get issues with requesting over non-ssl. Like... do I need to make the nodejs/express server publically accessible...or something?
Hmm I'm not sure Ko...
Hi Danny, thanks for this video. Now I'm wondering how and where to deploy the backend when the front-end is deployed in Netlify?
Good question! There are tons of options. I've used Heroku in the past for demo apps 👍
You Rock dude!
Thanks George!
thanks danny
Thanks Phojie!
Hello Danny, great video, and this is what I am looking for. However, my req.query is empty, do you have any solution for that? Thank you
I'm not sure Pakin. Could be a number of things...
Quality content
Cheers Buddha!
This doesn't help much when you dont protect calls to the backend?
this is awesome
Thanks Riaz! 👊
Nice video you could use Nextjs
I was working like this in nuxt Js and really don't know can do it in vueJs.. thanks its helper
Glad it helped Aissam!
Awsome! As always very informative and an excellent, fast and intelligent way of explaining things. The next question: how to to secure our REST endpoint/s from other praying eyes peeking into Developer Tools? Now it's more insecure than ever I suppose. I'm open for proposals/discussion. Thanks Danny!
Thanks Andrzej! I'm not sure if that's possible. The browser will log all requests that the app makes, as far as I know.
Hi Danny, won't you upload videos with Quasar and vue3 ?, next.quasar.dev/. Yesterday I installed it as a plugin in a vue3 project and it worked very well.
I'm sure I will at some point Nax.
Would you please make a tutorial about LinkedIn clone with vue js please!!!!
From Bangladesh... ❤️
The only way to perfectly hide API is by storing encrypted API key with its passkey somewhere at the source code
It's still unsecure ... But with few extra steps :( ... Now the hackers will abuse my precious APIs more easily (without any key) through my proxy middle API (at backend)
Only one endpoint although ... So that's the bright side :)
😂 👍
You can make your api work only with your website or ip address