How can I hide stripe api key in javascript?

@Sinnbeck Yes, I wanted to know how to load it through the .env file without it being displayed in the javascript code. Any idea? thanks for your reply

@YuMp if you need to use it inside Javascript, then people can find it. All Javascript is run inside the users browser, so best you can do is obfuscation (which isnt secure).

Only server side languages can load keys without leaking

I would imagine that the stripe key is your public key, and therefor is meant to be used in Javascript and can be shown without problems

@Sinnbeck Hi, even though I know he is not displaying the secret key which makes me relieved but thank you very much, you opened my mind. I did the following, stored the key in the database and called it on the blade. I don't know if it's right, but I believe it can solve part of the problems. var stripe = Stripe('{{ $form->key}}'); Thanks

@YuMp it is still shown to your users. Check the code on the page. You cannot use it in frontend without showing it in some way

@Sinnbeck It's right you're. actually still displaying the public key. But I believe that not displaying the secret key will have no problem, right?

@YuMp The public key is meant to be used in the front end, it's the secret key you have to worry about. As long as you don't show the secret key anywhere a user can see, you're good.

@YuMp as long as it's a public key, it's meant to be shown publicly