Hello,
I'm asking about AirShip properties file from the security perspective. The Getting Started guide says to put airship.properties file with the next strings: developmentAppKey, developmentAppSecret, productionAppKey and productionAppSecret.
Having all these properties in one file might be a bad idea as the properties file is included in the apk. So the hacker can extract secrets of all environments.
That's why I have two questions:
1. Is it safe to keep the airship.properties file in app/git repository? What can happen if the keys and secrets got compromised?
2. What are the possible ways to keep these properties secure?
Thanks.
Comments
1 comment