stackoom
  简体   繁体   中英

Is it safe to attach `authorization bearer {token} header` to protected `client side` axios request?

 原文  2021-04-23 06:24:03       reactjs/ axios/ next.js

Question

is it safe to attach authorization bearer {access token} header to client side [ NEXT JS pages , NOT in getServerSideProps ] axios request? will the header access token be exposed to the public?

1 answers

solution1
 1  2021-04-23 06:48:13

Everything you add to the client-side is exposed to the public. That's the meaning of client-side.

Nevertheless, it's fine to add an bearer token to the client side, as long as this token is not hard coded (on each request and for each client the same one), but is renewed by site-request (and maybe bind to client-session, requesting ip or stuff like that).

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Attach Authorization header for all axios requests post request in Axios with 400 or 401 - bearer token Why in React, my axios API call has Authorization Header which contains Bearer <token> but not being authorized and gives 401 error Why axios remove "Bearer" string from authorization header? Sending the bearer token with axios Ruby on Rails does not include Authorization token on header when request by axios in React, but it does work with Postman How to send bearer token through header of axios call in react redux Request fails while having a bearer token in the header of the request Store bearer token in header How to pass authorization token in header to react Axios.post?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM