0

I am planning to use firebase for my next project but there are several problems , as I am planning to use reactJS and Nodejs I dont know how to project structure should be , But even if I keep my firebase configs in frontend as Google claims it's safe I have certain concerns regarding

  1. I can set Domains that can access the project resources in firebase I know that very well but the second is what concerns me more 2)What if someone uses proxy in their package.json file or something like that and clutter up my database and all , how to should I keep my firebase config or set up my firebase project full secure ?
Yuvraj Agarkar
  • 113
  • 7
  • To access your Firebase project directly from the client-side code, that code will need to know the configuration data. Without that configuration data, there is no way for the code to find and access the Firebase project on Google's server. See https://stackoverflow.com/a/37484053. Once you've done that, it all depends on your definition of "full secure". If you have a specific security risk in mind, we can probably help better. – Frank van Puffelen Sep 23 '21 at 00:48
  • But if I add firebase config file to frontend anyone will know it right ? , and with that they can easily clutter up my database , so are you saying I should set a usage quota so something and keep and eye on it ? @FrankvanPuffelen – Yuvraj Agarkar Sep 23 '21 at 01:31
  • To secure the database against clutter, implement security rules that reflect what data is valid: https://firebase.google.com/docs/rules. – Frank van Puffelen Sep 23 '21 at 01:46

0 Answers0