Looking through the Firebase FAQ I can't see how cross domain issues are handled. Obviously, we don't want to serve on the Firebase domain, is it CORS, hidden iFrame, other? Would we need to create a sub-domain that points at the IP of the sharing server?
Asked
Active
Viewed 4,439 times
1 Answers
29
Let me answer this question in two parts, as there are multiple ways to communicate with the Firebase Servers.
- Firebase JavaScript Client - The Firebase Javascript Client maintains a real-time bidirectional connection to the server. Under the covers, this uses WebSockets whenever possible (which have no limitations with regard to cross-origin connections) and falls back to hidden-iframe-based jsonp long-polling on older browsers (which sidesteps cross-origin issues by only doing requests).
- Firebase REST API - You can also get / set data from Firebase using the REST API, which uses CORS to allow cross-origin requests.
So in summary, it should "just work" and you don't need to do anything special.
Michael Lehenbauer
- 16,229
- 1
- 57
- 59
-
1can you please elaborate on "hidden-iframe-based jsonp long-polling" – KJW Aug 10 '13 at 20:14
-
@KJW woudl be good to know but I believe it is their secret sauce. Now at least you have some pointers :) – Mars Robertson Jun 03 '14 at 14:21
-
What does not work with firebase is cross origin authentication. Instead the user has to authenticate again on every subdomain which seems to be a big missing feature. – Chilly Code Apr 11 '18 at 17:55