It seems like static hardcoded API keys are a best practice with map APIs. I'm guessing because of the large number of requests in the critical path proxying adds to much latency? But everyone does it.
Are you ok to name some map apps that are doing this, that you're aware of?
That'll let others dig into those apps, (hopefully) report the security issue, and (again hopefully) get the app makers instead using a better approach for their next releases.
Are you ok to name some map apps that are doing this, that you're aware of?
That'll let others dig into those apps, (hopefully) report the security issue, and (again hopefully) get the app makers instead using a better approach for their next releases.