I have a react project I am trying to deploy to heroku. I did so by installing the react buildpack however when I go to the website, open inspect element, all my client side source code is simply exposed to all public view. What am I doing wrong, I cannot find any help which addresses this issue but it is quite the security flaw. Help me understand, because I know I did something wrong and it should not be this way. Thanks!
>Solution :
Change the build script to include GENERATE_SOURCEMAP=false so that the build commands follow it. This is an intended effect according to this
This is expected. You can delete
.mapfiles from the build output if
you want to disable it, although you’ll get console warnings about
them missing.There is no harm in leaving them in though in my opinion. Client code
is already available to the user’s machine so there’s no secrets in
it.
scripts: {
"build": "GENERATE_SOURCEMAP=false react-scripts build"
}