stackoom
  简体   繁体   中英

How to Secure Firebase in client side Javascript

 原文  2014-03-31 07:32:31       javascript/ ruby-on-rails/ firebase/ firebase-security

Question

I am using Firebase with Ruby on Rails (4.0.3). The Client side JS is listening for events on a particular URL. Obviously, the URL is visible to the client, and adding any token based authentication is useless since that'd be visible too. Whats the way around this?

1 answers

solution1
 0  2014-08-15 22:03:37

Firebase supports a system of security rules that define who can read or write information in your Firebase. You define them by writing json like this: 

{
  "rules": {
    "foo": {
      // /foo/ is readable by the world
      ".read": true,

      // /foo/ is writable by the world
      ".write": true,

      // data written to /foo/ must be a string less than 100 characters
      ".validate": "newData.isString() && newData.val().length < 100"
    }
  }
}

There's a whole lot more to this topic than is appropriate to put in a Stack Overflow answer, so please check out Firebase's official documentation on security .

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How secure is firebase cloud messaging at client side? How can I secure Firebase with an all client-side implementation? How to hide/secure session/encryption key in client side javascript from addon/extension Is this client side application secure? Set secure cookie with client-side javascript in ios safari and chrome Is it possible to connect to sftp server using client side javascript. Is it secure? Is client-side java intrinsically less secure than javascript? How to have a Javascript client create a secure UUID? How to check if email is verified in firebase on client side? How to secure when make a call to DialogFlow from Client side (browser)?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM