Probably nothing new for you guys but our OPEN AI KEYS are exposed in the header. this is a CF to be honest...
Is there a solution from FF?
We are building now our own cloud functions and wrapping the openai api in it so the endpoint isn't visible (helps but not ideal) and also checking if the user is auth with firebase (helps as well) and only the API key for our function is exposed so that is better
Thoughts?