I am using Firebase with Ruby on Rails (4.0.3). The Client side JS is listening for events on a particular URL. Obviously, the URL is visible to the client, and adding any token based authentication is useless since that'd be visible too. Whats the way around this?
Firebase supports a system of security rules that define who can read or write information in your Firebase. You define them by writing json like this:
{
"rules": {
"foo": {
// /foo/ is readable by the world
".read": true,
// /foo/ is writable by the world
".write": true,
// data written to /foo/ must be a string less than 100 characters
".validate": "newData.isString() && newData.val().length < 100"
}
}
}
There's a whole lot more to this topic than is appropriate to put in a Stack Overflow answer, so please check out Firebase's official documentation on security .
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.