Maps API Key publicly visibile in source code with Map Advanced
Hi, i've received an email from google cloud console stating that in one of my client site there's one of our GMAPS Api publicly visibile in the source code.
I've checked and it's seems the case.
If i remove Maps Advanced the code disappear.
How can i fix this?
Comments
Hi,
Can you tell me which builder you use on your website?
If it was BeBuilder, did you use Map Advanced element?
Please attach a link to your website.
Thanks
BeBuilder has been used to make the page.
And yes MapAdvanced is the block we used.
https://padeltreviso.it/
If you search in the source code you'll see:
<script type='text/javascript' src='https://maps.google.com/maps/api/js?key=AIzaSyDi5hJfDnRCSwKo90AedXuz9ZcaCE_eP94&callback=mfnInitMap' id='google-maps-js'></script>
That is our GMaps API.
I consulted it with the dev team, and it is the correct way it should be.
You only should assign the API key to the correct domain.
See the following link:
https://www.storemapper.com/support/knowledge-base/how-to-secure-your-google-maps-api-key/
Best regards