Why You Should not store sensitive data in Javascript files
In Summary : The reasons why developers would embed sensitive information in JavaScript files are wide ranging. For inexperienced develope...
https://updatesinfosec.blogspot.com/2018/09/why-you-should-not-store-sensitive-data.html
In Summary :
The reasons why developers would embed sensitive information in JavaScript files are wide ranging. For inexperienced developers this may be the only obvious way to pass information that was stored or generated on the server side to their client side code. It may also save some additional requests to the server. However, an often overlooked aspect of this is browser extensions. Sometimes it's necessary to directly inject script tags into the DOM for it to use exactly the same window object. This wouldn't be possible with content scripts alone. [...]
kindly refer the following link as follow up :
https://ift.tt/2MLYpKD
The reasons why developers would embed sensitive information in JavaScript files are wide ranging. For inexperienced developers this may be the only obvious way to pass information that was stored or generated on the server side to their client side code. It may also save some additional requests to the server. However, an often overlooked aspect of this is browser extensions. Sometimes it's necessary to directly inject script tags into the DOM for it to use exactly the same window object. This wouldn't be possible with content scripts alone. [...]
kindly refer the following link as follow up :
https://ift.tt/2MLYpKD
