Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
V
V
Vladimir2020-11-17 12:56:28
firebase
Vladimir, 2020-11-17 12:56:28

How to secure an application with a backend on Firebase?

In my web app, users will have a balance. How can I add it to the database so that an attacker cannot install it arbitrarily? I set the security rules settings in such a way that an authorized person can only create, but not update in the database. But it still turns out that when registering, I create an entry in the database through the frontend, and so it will be possible to make an entry in the "balance" field.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
A
Alexey, 2020-11-17
@Cosss

It seems to me, only having removed creation of the user to other place. So that the resulting record object is not created in the application.
I looked briefly, there is Cloud functions, maybe it will be possible to make such a request there?

Similar questions
I
Ivan Vasilich2017-08-24 21:59:47
How to display errors and hide controller in swift? 1Reply
K
KnightForce2017-09-20 13:45:13
React Native iOS. Why is there a library not found for -lRNFirebase error? 0Reply
A
Alex_Ray30612017-09-26 12:24:25
Is it possible to create inaps in Firebase, Playfab in Odnoklassniki? 0Reply
R
retr02017-10-21 20:45:27
FirebaseDatabase error: failed to convert Hashmap to String in Android app, how to fix? 3Reply
M
Miruz2017-11-13 13:28:09
Is it possible to put a link to data in another data in Firebase? 0Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question