| ▲ | michaelt 4 hours ago | |
Keys could have certain restrictions [1] such as HTTP Referer, which meant you couldn't just embed a map on your website and charge a different website for the views. Not perfect protection of course - an attacker could spam requests with all the right headers if they wanted to - but it removes one of the big motivations for copying someone else's API key. [1] https://docs.cloud.google.com/api-keys/docs/add-restrictions... | ||
| ▲ | voidUpdate 4 hours ago | parent [-] | |
I was thinking more maliciously targeting the developer and running up a huge bill than reusing their key for your use | ||