问题描述
这是我从 firebase 收到的邮件.
This is what i got form the mail from firebase.
Firebase 客户端对您的实时数据库 covid-19-tracker-17659 的访问权限将在 4 天后到期
您选择在测试模式下开始开发,这使您的实时数据库实例完全对 Internet 开放.由于此选择使您的应用容易受到攻击者的攻击,因此您的数据库安全规则配置为在前 30 天后停止允许请求.
You chose to start developing in Test Mode, which leaves your Realtime Database instance completely open to the Internet. Because this choice makes your app vulnerable to attackers, your database security rules were configured to stop allowing requests after the first 30 days.
在 4 天内,对您的实时数据库实例的所有客户端请求都将被拒绝.在此之前,请更新您的安全规则,以允许您的应用在适当保护您的数据的同时正常运行.分析每天运行;如果您在过去 24 小时内修改了规则,则可能不会考虑这些更改.
In 4 day(s), all client requests to your Realtime Database instance will be denied. Before that time, please update your security rules to allow your app to function while appropriately protecting your data. Analysis is run daily; if you've modified your rules in the last 24 hours, those changes may not be accounted for.
我的实时数据库规则
{
"rules": {
".read": true,
".write":true
}
}
我应该对我的安全规则做哪些更改,以便我仍然可以在测试模式下运行我的项目.
What changes should i do in my security rules, so that i can run my project still on test mode.
推荐答案
如果您的应用程序不允许来自客户端的任何写入操作,您可以将写入条件从 true 更改为 false 这会使网络上的任何人无法访问和更改您创建的数据.
If your application doesn't allow any write operations from the client side you can change the write condition from true to false this makes your database impossible for anyone in the web to access and change the data you made.
但是如果您的应用程序确实允许来自客户端的一些写操作并且您的应用程序使用登录身份验证,您可以添加此条件以允许登录到您的应用程序的那些用户.
But if your application do allow some write operations from the client side and your application uses login authentication you can add this condition to allow the those users who logged in to your application.
{
"rules": {
".read": "auth != null",
".write":"auth != null"
}
}
这篇关于Firebase 客户端对您的实时数据库的访问权限将在 X 天后到期的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!