-1

Good evening, In my connection file with firebase, I have the information var config = { apiKey: "API_KEY", authDomain: "DOMAIN", databaseURL: "URLDATABASE", projectId: "PROJECT", storageBucket: "STORAGE", messagingSenderId: "SENDER" };

which is the default for the connection to be made. However, when entering the site by the browser and accessing this file, it is available to the user who may know to change some data or to acquire this information of connection with the bank. I wonder if there is any way to encrypt this information, hide it, or leave it on a saved server and request by some method. because it is a very important information to be left thus, easily accessible. If anyone knows of any way to protect this data. Thank you very much.

Victor Henrique
  • 381
  • 1
  • 2
  • 10
  • if the client-side code needs that information to work, there's nothing you can do to stop someone accessing the code via a client from seeing it. – Kevin B May 11 '18 at 18:16

1 Answers1

1

None of this config data is private. You should expect that people can easily get a hold of it, no matter what platform your using (web, Android, iOS).

If you want to protect data in Realtime Database, Firestore, or Cloud Storage, you should use security rules to limit who can read and write, and what data can be written. You can also use Cloud Functions to write backend code that's protected from outside forces.

Also read this for more information: https://www.quora.com/Is-it-dangerous-if-one-knows-the-values-of-my-Firebase-configuration-Every-person-can-read-the-source-code-of-my-Angular-5-app-in-the-front-end/answer/Doug-Stevenson-1

Doug Stevenson
  • 297,357
  • 32
  • 422
  • 441