这条规则有多安全?

时间:2019-04-20 19:43:51

标签: firebase firebase-realtime-database firebase-security-rules

Firebase数据库问题:
我想为未经身份验证的用户“打开”“投票”。这样安全吗?

  

也许:

{
      "rules": {
        ".read": true,
              "posts": {
              "title": { ".write": "auth != null && auth.uid == 'XXXXXX'"},
              "url": { ".write": "auth != null && auth.uid == 'XXXXXX'"},
              "time": { ".write": "auth != null && auth.uid == 'XXXXXX'"},
              "vote": {".write": true,}     
            }
      }
    }
  

或者:

{
  "rules": {`enter code here`
    ".read": true,
          "posts": {
          "title": { ".write": "auth != null && auth.uid == 'XXXXXX'"},
          "url": { ".write": "auth != null && auth.uid == 'XXXXXX'"},
          "time": { ".write": "auth != null && auth.uid == 'XXXXXX'"},
          "vote": {".write": "newData.val() === data.val() + 1"}     
        }
  }
}

0 个答案:

没有答案