I am going to be using youtube API and will need to use a key, but publishing the key would just give it access to all users. How can I hide it? After doing some research I learned that I can create a web server and use that to capture the key? I am new to web server and know little about them? How can I go about creating such server that provides me with a key on request and will the user be able to also call that request if they look around the code?
Related
I have been developing a chrome extension and now I want to create version 2 with database support. For this I am going to use Firebase.
I need to create a file in my extension where I add the details about the firebase connection, api key and url etc..
After reading this question: Where does Chrome store extensions?
I went to look for mine. and boom there it was. I could open the files for the extensions and see the details I added about my firebase connection.
However, I am unsure as to whether I could see it because I am the developer and its on my machine. I do not like the idea of having my access keys available nor url.
Not that I think anyone would sabotage it, but I would hate to be billed for over usage of my requests etc..
I try to make correct authorization in Chrome App. I followed official tutorial, but I was not able to sign in - every try ended with redirection to settings page and communicate that
Account sign-in details are out of date. Sign in again
After signing in, I got redirection once again to setting page, and after a moment, the same situation happened.
I saw in chrome://identity-internals that token expiration date is set on 0 of Unix time, so it seems error.
I decided to try samples from Google Chrome Github. I installed the GDrive one and it worked fine - till the moment I deleted key from manifest, I found in documentation that this is kind of extension id. Without it, situation is identical to this with my own app. This happens in all samples with chrome.identity - without key, they are unusable, with key works fine.
Had anyone ever similar problem? Maybe this is connected to some kind of additional Origin in Cloud Console? I am not able to find any information about it. I use key from Web Application App, cause when I try to register Chrome Extension I always receive
Invalid appId for type CHROME_EXTENSION:
but in documentation of Chrome Apps is written that I should Web Aplication Keys.
Would be great if anyone could help. I use latest Dev Channel normal Chrome and Canary, same problem on both of them.
Right, the key needs to be there for the API to work. See http://developer.chrome.com/apps/app_identity.html for all the details.
I am an amateur website developer but proficient in html and javascript.
I have a handful of websites using the Google Maps API V2 with no problem. I tried to upgrade to V3. I got a new API key and used the sample html (based on Australia) provided by Google. All I got was the 'disabled' message.
If I remove the key completely it works! What am I doing wrong?!! (www.gn45.com/gmap.html)
This message appears, because there's a particular domain whitelist, that is configured for each business account. By default, you can always access google APIs with an API key from localhost, but any other domain should be specifically set within account management.
With the mobile application, your index.html is read from the filesystem and then passed to in App Browser. Therefore google rejects a request to the API with API key. You can temporarily remove API key from your request and access the API without any, this way you'll have a 50k request/month limit, which should be sufficient for development purposes.
I'm looking for a way to configure this myself, as soon as I find one, I'll provide an update.
I'm using the google maps API v3 with flash and it works fine on one of my websites.
I transfered it to another website and changed the API key, but all I see is the default background color with no error message. Unfortunatly, I cannot access the flash source code.
Is there a way to debug the application or see some error messages without the source code?
Or maybe somebody has an idea of what is wrong?
Use Firebug Net monitor to see if all of the request are going through. That would be the first place that I would start. My guess is that there are HTTP Requests trying to get data from a domain that doesn't have a crossdomain policy allowing access from the new site you moved it to.
First of all maps V3 doesn't need a a key. I think you are combining parts of V2 (with key) and V3(which doesn't need key) so obviously there is something wrong in your code.
I may be dim, but I really don't know what to answer when google asks me for a URL when asking for a key for google maps.
I mean, I'm on my laptop, with no internet dns entry developing the solution in visual studio, so what do i tell google? localhost? The domain name I know the site will end up on? my laptops name?
Use the key which will correspond to the name of the server in the URL. I've used both localhost and the name of the laptop on local network.
Change to a different key on the production server.
I have always set up the API key to represent the sites future URL. I have seen no issues with using the API key on localhost that was setup for domainname.com, but that may be related to the subset of the Google Map APIs that I utilize. I would use your site's final URL when you set up the key for Google Maps.