I'm working on some server-side javascript and I have some data that I want to keep sensitive, so it's in a non-public facing directory. Let's say I put it inside a function - how do I then call that function from within another javascript file?
3
-
1Why would your server side JavaScript be in a public facing directory in the first place?Quentin– Quentin2013-06-10 11:10:15 +00:00Commented Jun 10, 2013 at 11:10
-
1The documentation for loading scripts from files in node.js can be found at nodejs.org/api/modules.htmlQuentin– Quentin2013-06-10 11:10:50 +00:00Commented Jun 10, 2013 at 11:10
-
Thanks very much - I've found out the answer from that documentation and have answered my post.babbaggeii– babbaggeii2013-06-10 11:20:21 +00:00Commented Jun 10, 2013 at 11:20
Add a comment
|
1 Answer
Thanks to Quentin for pointing me towards the relevant documentation. The solution I ended up with is:
sensitive.js:
exports.data = "data";
app.js:
var sensitive = require('./sensitive');
var data = sensitive.data;
3 Comments
Richard Marr
Don't add sensitive data to your codebase. Pull it in from the environment instead by putting the sensitive module in your home directory. nodejs.org/api/…
babbaggeii
I'm using heroku to deploy this app, and am unsure of how to access the home directory. My deployment is just done by pushing the whole app directory to the heroku server. I'll look into it though, as others must have come across this problem.
Richard Marr
On Heroku you can specify custom values using environment variables, then pick those up from a configuration module in your app. Usually sensitive data is in the form of crypto keys, passwords, etc so that's a reasonable place to put that from a logistical perspective.