0

I have a react project I am trying to deploy to heroku. I did so by installing the react buildpack however when I go to the website, open inspect element, all my client side source code is simply exposed to all public view. What am I doing wrong, I cannot find any help which addresses this issue but it is quite the security flaw. Help me understand, because I know I did something wrong and it should not be this way. Thanks!

All the files of my project when you open dev tools and go to sources

Improve this question

1 Answer 1

Reset to default
1

Change the build script to include GENERATE_SOURCEMAP=false so that the build commands follow it. This is an intended effect according to this

gaearon

This is expected. You can delete .map files from the build output if you want to disable it, although you'll get console warnings about them missing.

There is no harm in leaving them in though in my opinion. Client code is already available to the user’s machine so there’s no secrets in it.

scripts: {
  "build": "GENERATE_SOURCEMAP=false react-scripts build"
}
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.