skip to Main Content

When the app is scanned for vulnerability test, google api keys are visible .Is there any way to secured so the app pass the PT test.

The app is developed using Flutter.

Thanks in Advance.

2

Answers


  1. Chosen as BEST ANSWER

    I was trying to hide the keys and wasting my time.

    Now I change the package google_maps_webservice. Instead now I am using google_maps_place_picker_mb package and it works like a pro.


  2. These keys and identifiers do not represent a security issue. In Firebase you need to set the Rules in order to restrict access to your data as specified by Sam Stern in this reply:

    https://groups.google.com/g/firebase-talk/c/EEEwttbpPJU

    None of the items in the plist file is sensitive, so you don’t have to
    worry about someone stealing it. Make sure that your app has property
    Security Rules on all data (where applicable) and that you enable API
    key restrictions so that nobody can use your API key in their app.

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search