So I want to send a request to a server, this includes an API Key which must remain secret. So I want to get an .env variable to hide this. But I don't know how to get it in a script tag in HTML.
CodePudding user response:
.env
files are commonly used in Node.js which is commonly used to write servers.
HTML runs in browsers, which are not Node.js and are not servers.
You cannot provide the browser with an API key while keeping it secret from the people using the browser.
You can write a webservice (e.g. using Node.js) which knows what the API key is (whether it reads it from an .env
file or not) to which clients (including browsers) can make HTTP requests to.