is it safe to attach authorization bearer {access token} header
to client side
[ NEXT JS pages
, NOT in getServerSideProps
] axios request? will the header access token
be exposed to the public?
Everything you add to the client-side is exposed to the public. That's the meaning of client-side.
Nevertheless, it's fine to add an bearer token to the client side, as long as this token is not hard coded (on each request and for each client the same one), but is renewed by site-request (and maybe bind to client-session, requesting ip or stuff like that).
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.