Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
V
V
Vladimir2020-11-17 12:56:28
firebase
Vladimir, 2020-11-17 12:56:28

How to secure an application with a backend on Firebase?

In my web app, users will have a balance. How can I add it to the database so that an attacker cannot install it arbitrarily? I set the security rules settings in such a way that an authorized person can only create, but not update in the database. But it still turns out that when registering, I create an entry in the database through the frontend, and so it will be possible to make an entry in the "balance" field.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
A
Alexey, 2020-11-17
@Cosss

It seems to me, only having removed creation of the user to other place. So that the resulting record object is not created in the application.
I looked briefly, there is Cloud functions, maybe it will be possible to make such a request there?

Similar questions
S
sanke462018-10-04 15:53:05
How to correctly implement data output by dates through FireBase [Kotlin]?? 0Reply
A
Abra Kadabra2021-12-20 19:38:59
When can firebase.config differ from functions:functions:get? 1Reply
T
Tigran Aginyan2022-01-04 18:24:11
Code to confirm email address when registering on a site written in react js? 2Reply
M
max20212020-09-29 19:58:46
Where to find Private Key and Private Key when using Firebase Authentication service? 0Reply
H
hackearth2018-12-16 20:30:55
Firebase Storage Rules. How to give public access to only one folder? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question