I implemented the push notification functionality in my rails application using Pushpad. In order to make push notifications work in Google Chrome, I had to create a publicly available manifest.json file. The issue is, my gcm_sender_id is publicly visible in manifest.json file.
Is there any proper way in ruby on rails to keep this information secure or any other secure way of implementing this.
That is absolutely correct and safe! The GCM sender ID is public and anyone can see it.
It's just the GCM API key that must be kept secret.