You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
more of a question actually, rather than an issue. Couldn't find the answer to my question anywhere else so decided to raise one here.
As stated in README, running the app requires an app id and secret token from my.telegram.org, where, in turn, it's stated for both id and hash, that "it's forbidden to pass this value to third parties". As far as the client is frontend-only, running it with secrets will get the tokens expose to the end user, and obfuscation here can't be called quite a secure way to prevent one from reading it.
This raises further questions, is that possible to run the app in a publicly accessible environment, or should I run it exclusively for my personal use? If the latter, how is the app being run on web.telegram.org itself?
Really hope to get the answers, thanks!
The text was updated successfully, but these errors were encountered:
Hi,
more of a question actually, rather than an issue. Couldn't find the answer to my question anywhere else so decided to raise one here.
As stated in README, running the app requires an app id and secret token from my.telegram.org, where, in turn, it's stated for both id and hash, that "it's forbidden to pass this value to third parties". As far as the client is frontend-only, running it with secrets will get the tokens expose to the end user, and obfuscation here can't be called quite a secure way to prevent one from reading it.
This raises further questions, is that possible to run the app in a publicly accessible environment, or should I run it exclusively for my personal use? If the latter, how is the app being run on web.telegram.org itself?
Really hope to get the answers, thanks!
The text was updated successfully, but these errors were encountered: