I am using polymer.js on client-side. Have to fetch process.env from express server using the following:
app.get('/getkey', function(req, res){
res.send(process.env.KEY);
});
But, it's written as response to browser on every GET request. Is there a way to hide this sensitive information from browser?
Base64 encode / decode is too basic. And I am not sure how to encrypt the info on express server and decrypt it back on polymer 3 element.
Please help.