How to handle sensitive information in js?

problem description

what"s wrong with the appid secretKey that calls Wechat"s token exposed in js?

the environmental background of the problems and what methods you have tried

Compression without encryption will cause online js code to run with an error

related codes

getOpenId: function getOpenId(code) {
        return _jquery2["default"].get("https://api.weixin.qq.com/sns/oauth2/access_token", {
          appid: "xxxxxx", //
          secret: "yyyyy", //and 
          code: code,
          grant_type: "authorization_code"
        });
      },

what result do you expect? What is the error message actually seen?

expect not to get appid secret directly from js, or others will go to http://work.weixin.qq.com/api.
call

Javascript

May.12,2021

the information in js cannot be completely masked. You can deal with it in some ways, but it just makes it more difficult for others to get (basically equivalent to putting a newspaper on a bundle of banknotes)
when Wechat designed it, the, app id was public, but the secret key was confidential, so you need a backend to help you deal with situations where you need secret key.

this is not your request. You pass the code to the backend and then request

secret certainly can't be put at the front desk. This thing is originally put in the background for use in the background.

and even if you put it on the front end, you can't solve the cross-domain problem of interface calls.

tonken is used by the backend to obtain the TONKEN calculation key of JSDK and return it to the frontend research JSDK API. The frontend only needs to call appId, and backing to return a random string and timestamp, and the secret key is fine.

Previous: Ajax data exchange post mode

Next: The message middleware will appear to receive the message and consume it to the consumer, but does the producer receive the result of sending failure?

The proportional width of the echarts graph is inconsistent.
The horizontal coordinates of echarts are not specifically marked, and the X coordinates do not have a grid to indicate. Here is a figure that specifies . js * * createChartSix() { this.$http .get(this.$api.dataChart) .then(rsp => { ...

Javascript

Feb.26,2021
Using node to build video streaming server
sincerely ask for advice: < hr > I want to use node as the background to build a video streaming server. The front end is similar to Youku VOD. It can record the playback node function, and load the progress bar at any point (starting from the c...

Cache nginx linux node.js javascript

Feb.26,2021
In the chained promise function, how to determine which promise threw the error
I need to implement in a chained promise function, any function error in the middle terminates the program, and can catch the error function, and then perform different operations according to different error functions. How can the following code be imp...

Javascript es6

Feb.26,2021
Ajax request
I would like to ask what is wrong with this code. Thank you for your answers. ...

Javascript

Feb.26,2021
Apply method confusion
is doing a question on Niuke.com. I encounter a problem: to achieve the function callIt, after the call meets the following conditions 1, the returned result is the result after calling fn 2, and the call parameter of fn is all the parameters after th...

Javascript

Feb.26,2021
Countdown, click event?
A timing examination system is triggered if the click event is triggered within 5 seconds, and if it is not triggered, the system marks the correct answer at the end of the countdown. How to implement ...

Html css javascript

Feb.26,2021
On the problem of regular matching
description: a regular match is given to the content of an input box, and the matching content is the product activation code. looks like this: "0C31-0B81-BB32-3094-0C31-0B81-BB32-3094 " Code: $( -sharplicenseCode ).keyup(function () { le...

Python html5 html php javascript

Feb.26,2021
Custom event, 2 clicks at a time
1. The custom event triggers the click event of .cpcstartrefresh, but triggers 2 click events each time 2. The code is as follows: window.onmessage = function (e) { create an event object, var myEvent = document.createEvent( Event ); m...

Javascript

Feb.26,2021
Problems with Chrome downloading using window.open ()
I configured the MIME type of the file with the amr suffix in the apache configuration as application ms-download, Why it is a garbled page when opening a file in amr format using window.open in chrome, while a file in amr format can be successfully dow...

Firefox chrome html php javascript

Feb.26,2021
Multiple choice questions, how to judge whether the chosen answer is the correct answer?
I got a set of data, which is to choose the type of question. How can I tell if I have chosen the right one answera: "Olympic Games " answerb: "Asian Games " answerc: "Paralympic Games " answerd: "University Games " id: "1772 " question: "f...

Javascript css html

Feb.26,2021
Read a number, such as 521, change this number to 0521, and put it into four div, how to achieve?
read a number, such as 521 change this number to 0521 but put it into four div separately, how to realize it? 0 < div > 5 < div > 2 < div > 1 < div > ...

Javascript es6

Feb.26,2021
React projects cannot save store? using redux, data
react projects cannot save store? using redux, data index.js ReactDOM.render( <Provider store={store}> <Router > < Provider>, document.getElementById( root )) registerServiceWorker() actions export const SET_USER = ...

Javascript react.js redux

Feb.26,2021
How to find all the 'NA' characters in a HMLT page and replace it with "and invalid"
how to find all the NA characters in a HMLT page and replace it with "and invalid " with native JS ...

Javascript

Feb.26,2021
Why not pause after alert, but immediately refresh the address, this alert is written by yourself?
...

Html css javascript

Feb.26,2021
Can I use import and export directly?
suppose there are only a.js and b.js (only two js and nothing else) b.js export A variable is used for a.js can you directly use import and export without using packaging and compilation tools such as webpack or babel can it be achieved with the h...

Node.js javascript

Feb.26,2021
The problem of uploading attachments to the mobile version
do the gods have plug-ins for uploading attachments in the mobile version that can also be uploaded more than one? ...

Html5 node.js css html javascript

Feb.26,2021
WeChat Mini Programs login problem
what does the code circled in the following picture mean? ...

Php javascript

Feb.26,2021
Ask a question about the jquery window object
I look at a html ui project with items such as: var apiserver = window[ apiserver ]; url = apiserver + "filterUrlController getUrlData"; I searched the whole project and couldn t find the value of window [ apiserver ]. How do you un...

Javascript jquery

Feb.26,2021
The vue project introduces particles.js to realize the particle effect, but there is a problem when switching pages?
In the vue-cli project, I directly introduced the particls library into index.html, and the related files are placed in the static directory . <div id="particles-js">< div> <script type="text javascript" src="s...

Front-end javascript vue.js

Feb.26,2021
Js performs asynchronous operations in a loop and then adds each asynchronous result to an array. How can this array be used outside the loop?
How does the code return only the result after the last asynchronous operation in the for loop is completed as shown in the figure? Please stop by and give me a hand. ...

Javascript promise for-cycle

Feb.26,2021