Menu
For example, I modified the boiler-plate code for tapping the FB API, to conform to jslint. It looks like this:
(function () {
'use strict';
window.fbAsyncInit = function () {
FB.init({
appId: '1507519942878500',
xfbml: true,
version: 'v2.5'
});
};
var d = document,
id = 'facebook-jssdk',
js,
fjs = d.getElementsByTagName('script')[0];
if (d.getElementById(id)) {
return;
}
js = d.createElement('script');
js.id = id;
js.src = "//connect.facebook.net/en_US/sdk.js";
fjs.parentNode.insertBefore(js, fjs);
}());
</script>
I notice that anyone who uses my app can now see my appId. Is this a security risk in any way?
328
This is intentional not a risk, there is no way to hide your Facebook app ID.
If your secret was exposed this will be a problem.
There needs to be a way for Facebook to link back to your application. As a user I also need to know your app ID if I ever needed to report suspicious activity.
168
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
