Firebase上的安全问题 [英] Security Issue on Firebase
问题描述
Firebase myFirebaseRef = new Firebase( HTTPS://<您-火力-APP> .firebaseio.com /);
问题是,如果有人知道我的firebase网址https://.firebaseio.com/ ,他们将能够从他们的应用程序操纵我的数据。
如何确保连接到Firebase?像Facebook或Google API给我们的APP密钥或秘密。
- 感谢您
步骤7在 quickstart you linked:
保护您的资料
使用我们强大的基于表达式的安全和Firebase规则来控制对数据的访问和验证输入:
.read:true,
.write:auth.uid ==='admin',
.validate:newData.isString() & newData.val()。length< 500
}
每当访问数据时,Firebase都会一致地强制执行您的安全规则和Firebase规则。规则语言的设计既强大又灵活,这样就可以对应用程序的数据进行细粒度的控制。
on sample android application to access database Firebase (https://www.firebase.com/docs/android/quickstart.html), we just need to write
Firebase myFirebaseRef = new Firebase("https://<YOUR-FIREBASE-APP>.firebaseio.com/");
The problem is, if someone know my firebase url "https://.firebaseio.com/", they will be able to manipulate my data from their application. How to secure connect to Firebase? like a facebook or Google Api give us APP-Key or Secret. -Thank You
Step 7 in the quickstart you linked:
Secure Your Data
Use our powerful expression-based Security and Firebase Rules to control access to your data and validate input:
{
".read": true,
".write": "auth.uid === 'admin'",
".validate": "newData.isString() && newData.val().length < 500"
}
Firebase enforces your Security and Firebase Rules consistently whenever data is accessed. The rules language is designed to be both powerful and flexible, so that you can maintain fine-grained control over your application's data.
这篇关于Firebase上的安全问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!