0

want to use a javascript function on a secure setting

"parameters": [
    {
      "name": "api_token",
      "type": "text",
      "required": true,
      "secure": true
    }
  ]

using above setting

var settings = {
  URL: "Some url",
  headers: {"Authorization": `Basic ${btoa{{apiKey}}}`},
  secure: true,
  type: 'GET',
  dataType: 'json'
};
Improve this question

1 Answer 1

Reset to default
1

As explained here, in order to perform requests with secure settings, you need to:

  • add a secure: true property to the parameter
  • replace the sensitive information in the code with a placeholder
  • define a domainWhitelist property in the manifest file, as only requests to the white-listed domains will work for secure requests

I see two issues with your code:

  1. If your setting name is api_token, then the placeholder you need to use is {{setting.api_token}}
  2. As the placeholder is replaced on the proxy layer, ${btoa("{{apiKey}}")} would not work the way you expect, i.e. you would be literally encoding the string {{apiKey}}, which would then no longer act as a placeholder. If you need a base-64 encoded string, you should save the base-64 encoded string as your api_token parameter
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.