0

We are using firebase JS library to read the data.so we have the API key details in js file. we have whitelisted domain and restricted API key on developer console. However when we download website html file and access the .html on local desk top, we are able to get the data from firebase. ie html file on local desktop reads the data from firebase db.

We have tried using anonymous firebase authentication which secures read data. but high latency ie poor performance.

has any one got another way to protect read data on firebase?

user1439582
  • 103
  • 2
  • 14
  • What are you trying to protect against? – Frank van Puffelen Jan 02 '20 at 17:55
  • protect read access. ie I want everyone to be able to read data via my website.but anyone downloaded html file and trying to read data from local desktop. I want to deny access to read data – user1439582 Jan 02 '20 at 20:25
  • There is no way to restrict data access based on where it's from. See https://stackoverflow.com/questions/52018041/locking-down-firebase-db-access-to-specific-apps for some more information on why that is, and what options you *do* have. – Frank van Puffelen Jan 02 '20 at 20:30

0 Answers0