stackoom
  简体   繁体   中英

How to avoid showing session and firebase details on chrome network console

 原文  2019-07-10 18:27:18       security/ firebase-security/ security-testing

Question

we have application in node js which which can be opened in desktop chrome and uses firebase as backend . Right now all the request can be intercepted and shown on the chrome network console which be a security concern . How can we stop showing some request like url appended with file name or auth etc so that man in middle cant play

1 answers

solution1
 0  2019-07-10 18:47:52

The fact that the user can see their own requests in the developer tools of their own browser makes sense, and is not a security concern.

All requests to Firebase go over HTTPS connections, meaning that they are not susceptible to man-in-the-middle interception unless your entire network is already compromised.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question how to avoid logged users to use ajax by console? How to avoid showing files content on website How to prevent sessionStorage from showing in JavaScript console? How to exclude a route from the firewall? (or avoid session cookie) Avoid create session in Spring Avoid navigator to remember the session How can I access a TLS Session ID within an ASP.NET session? (To avoid BEAST cookie theft) How do I prevent using firebase.database() in browser console? How to restrict Firebase API keys in the Google Cloud console How to store sensitive session data in chrome web extension?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM