fix: separate server and client Pinata configs to prevent JWT exposure#75
Open
Anishpras wants to merge 3 commits intoPinataCloud:mainfrom
Open
fix: separate server and client Pinata configs to prevent JWT exposure#75Anishpras wants to merge 3 commits intoPinataCloud:mainfrom
Anishpras wants to merge 3 commits intoPinataCloud:mainfrom
Conversation
Fix Next.js documentation to properly separate server and client configurations for Pinata SDK. The current documentation incorrectly shows importing server-side config (containing JWT) into client components, which causes "Attempted to access a server-side environment variable on the client" errors. Changes: - Create separate server-config.ts (with JWT) and client-config.ts (without JWT) - Update client-side setup to use client-config that only includes the public gateway URL - Add warning about never exposing JWT with NEXT_PUBLIC prefix - Clarify that client authentication happens through signed URLs from API routes, not direct JWT usage This prevents accidental exposure of sensitive API keys to the client and fixes the runtime error users encounter when following the current documentation.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fix Next.js documentation to properly separate server and client configurations for Pinata SDK.
The current documentation incorrectly shows importing server-side config (containing JWT) into client components,
which causes "Attempted to access a server-side environment variable on the client" errors.
Changes:
This prevents accidental exposure of sensitive API keys to the client and fixes the runtime error users encounter
when following the current documentation.