Skip to main content

Remove sensitive data from client-side applications

Requirement#

Access codes, tokens or credentials should be removed from client-side applications. If it's needed, the associated service should support Access Control Lists based on the expected origin.

References#