- This topic has 3 replies, 2 voices, and was last updated 2 months ago by Dylan.
November 19, 2020 at 7:49 am #61502virtualwayvaParticipant
In the process of creating an API key, I noted the section that Google has on “Protecting API keys”. I could be off in my interpretation, but I was with the impression that the API key was not something we would want the general public to have access to. However, I noticed it is showing in full, in the midst of a lengthy chunk of code and informational writeup within the page source (13,000+ characters in length), following
/* <![CDATA[ */
var WPGMZA_localized_data =
Is this as it should be?November 19, 2020 at 4:01 pm #61519DylanModerator
Thank you for your time, we do appreciate it.
Yes, exposing the API key is required as it must be passed to the Google Maps API with the initial map load. This is handled by the API directly, however, it is protected by your API restrictions.
We do have a document regarding this here: https://www.wpgmaps.com/documentation/ensuring-your-referrers-are-properly-inserted/
Protecting your API key in this way ensures that the key cannot be used on any other domains, outside of the approved domains for the key.
I hope this helps to clarify the process a bit?November 19, 2020 at 6:51 pm #61521virtualwayvaParticipant
Dylan, thanks for your reply. I’m still confused as to why so much of the text (which is not showing on the front of the website) is appearing in the page source. For instance, here is just a small part of what shows:
Only a pleasure, happy to help wherever possible! 🙂
Meaning if you alter an option in the setting area of WP Google Maps, these changes are pushed to the frontend of the website, within these hidden source tags.
I hope this helps?
- You must be logged in to reply to this topic.