API 令牌添加到我的仓库中的 GitHub 机密,部署 GitHub 页面,我如何在 Z9E13B69D7F712DA9327102 中访问此机密? (简单的Node.js项目)
[英]API token added to GitHub Secrets in my repo, deploying GitHub Pages, how do I access this Secret in Javascript? (Simple Node.js project)
问题描述
This is added to the GitHub pages branch.
这被添加到 GitHub 页面分支。
My package.json at the moment looks like this:我的package.json现在看起来像这样:
{
"name": "project",
"version": "1.0.0",
"description": "project",
"main": "app.js",
"dependencies": {
"dotenv": "^8.2.0",
"gh-pages": "^3.1.0"
},
"devDependencies": {},
"scripts": {
"deploy": "gh-pages -d ."
},
"author": "",
"license": "ISC",
"homepage": "https://USERNAME.github.io/gh-pages-repo"
}
Up until now, I've stored my Token in a token.js file (which was in.gitignore), imported that into my HTML through a <src> .到目前为止,我已经将我的 Token 存储在token.js文件(在.gitignore 中)中,通过<src>将其导入到我的 HTML 中。
When I've deployed the app with npm run deploy , I don't know exactly how to access this token value.当我使用npm run deploy应用程序时,我不知道如何访问此令牌值。 What do I have to change in package.json , and in my Javascript?我必须在package.json和 Javascript 中进行哪些更改?
1 个解决方案
解决方案1
2 已采纳 2021-01-06 01:51:41
The Secrets section is used for GitHub Actions. Secrets 部分用于 GitHub 操作。 It isn't accessible for GitHub Pages, which are independent.独立的 GitHub 页面无法访问它。
Moreover, GitHub Pages is for static sites only;此外,GitHub 页面仅适用于 static 站点; that is, it hosts only HTML, images, and JavaScript that are sent to the client.也就是说,它仅托管发送到客户端的 HTML、图像和 JavaScript。 There is no provision for a server-side component, and as such.没有提供服务器端组件,因此。 there's no secure place to store or use secrets.没有安全的地方可以存储或使用秘密。 If you need to have secrets in your website, you need to host elsewhere, since you'll need a server-side component for security.如果您需要在您的网站中包含机密信息,则需要在其他地方托管,因为您需要一个服务器端组件来确保安全。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.