I noticed that even after building my react project (with npm run build). Any body using React Developer Tools can see all details in my Component state and can temporarily change some details therein. Although the changes can only make a change on the person's browser, i dont want many of those information to be displaying there. Sensitive data may be returned in any of my backend array JSON... Please i any help on how to stop this?
There should be no sensitive data passed to the client(browser)that you believe the end-user should not access. Your react state or entire javascript memory is easily accessible to end-user, even if you are disabling dev tools. Anyway, you can disable the dev tools using this approach.
Add this to the top of the page.
if (typeof window.__REACT_DEVTOOLS_GLOBAL_HOOK__ === 'object') {
__REACT_DEVTOOLS_GLOBAL_HOOK__.inject = function() {};
}
