hi, Dear experts
I would like to inquire about the security of IonSource.
I often use HTTP, using the following code:
const resource = await Cesium.IonResource.fromAssetId(layer_id, {
server: access_server,
accessToken: access_token
});
When requesting, it is:
/v1/assets/{id}/endpoint? access_token=xxxx
I have the following doubts
- Isn’t it easy for others to get the access_token on the webpage? If someone else gets it, what’s the point? How to prevent this situation
- Passing/v1/assets/{id}/endpoint in HTTP will expose the entire URL. Is there any other method
Thank you