This question already has answers here:
Implementing localized 404 page with Firebase hosting
(2 answers)
Closed 2 years ago.
I have a Firebase hosted website that contains an index_fr.html and index_nl.html.
How can I create a rewrite rules that uses the user agent language to serve the correct index_nl or index_fr page (without using Firebase functions)?
Update August 12th, 2020: Firebase Hosting now supports i18n internationalization.
Firebase Hosting rewrites are based on the requested path only. There is not support for such conditional rewrites in the Firebase Hosting configuration.
You might want to file a feature request for it.
Related
This question already has an answer here:
Does Firebase App Check discard the need for implementing Security Rules?
(1 answer)
Closed 7 months ago.
Please could I ask for a bit of advice.
I have an app that does not require users to create accounts and does not use authentication. The app stores settings in Firestore.
To secure Firestore, I have set-up App Check and set into enforcement mode for Firetore.
I assume that Firestore is now secure and I don't need any Firestore rules.
Is that correct?
App Check is not a replacement for writing security rules, but rather the two are complementary. While App Check is a great deterrent for abuse, a sufficiently motivated malicious user may still be able to bypass it.
That's why it's recommend to combine App Check for broad protection against abuse and security rules for fine-grained control of who has access to what data.
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed last year.
Improve this question
I have just started the flutter journey. I have been asked to develop a mobile app that uses the data of a website instead of its own database(firestore etc.). The website is about car dealing business. It has data about cars and I want to fetch that data into flutter app I have no idea how to do it. Is there any package or anything else.
You would combine an HTTP Client with an HTML parser, assuming the website itself didn't have a accessible API that readily returns the data you're interested in via JSON.
If your website has a firebase backend, then you can use this set of plugins. The google-services.json file should be the same as that of the firebase project used in your website.
If your website has an API you can use the http package to make http requests.
First you have to build the REST Full API in the website backend using a backend language PHP or Node.js or .Net whatever good for your project, and then use flutter Dio or http to make requests to the REST API you built, you get back a JSON response then populate the data on your flutter app
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 2 years ago.
Improve this question
I would like to know what is exactly firebase. When i want to create authentication for my app i see on google firebase is often used on flutter for do it but it is not clear what is it exactly. I have a MySQL/php api from the server side and i need to find a way for save on mobile phone an user id when the user create an account, what is the best solution for do that with security. I have seen too, there is people who uses shared preference but security is low i think
Firebase is a whole set of applications and services that acts as a link to Google Cloud, which provides these services. Here's their website.
Firebase is a toolset that (according to them) allows you to “build, improve, and grow your app”, and they give you the tools that cover a large portion of the services that developers would normally have to build themselves. This includes things like analytics, authentication, databases, configuration, file storage, push messaging, etc.
This is different than traditional app development, which typically involves writing both frontend and backend software. The frontend code just invokes API endpoints exposed by the backend, and the backend code actually does the work. With firebase, your app accesses those services directly (or, allows you to write APIs to handle that, if needed)
These are the firebase functions that (arguably) are the most commonly used amongst developers.
Authentication — SECURE user login and identity, with applicable
rules
Realtime Database — realtime, cloud hosted, NoSQL database (older
version)
Cloud Firestore — realtime, cloud hosted, NoSQL database (but with
better queries)
Cloud Storage — massively scalable file storage
Cloud Functions — “serverless”, event driven backend (this is where
you'd write your
APIs)
Firebase Hosting — global web hosting (this is GREAT for flutter
because you can upload your designs immediately without paying for
it.)
ML Kit — SDK for common ML tasks
Here are all their services... but I haven't used most of them.
Finally, the great thing about firebase is that all their functionality is free, and you only start paying when the traffic starts growing.
Is it the best choice for authentication? Without. a. doubt. Not only is it secure, it provides a wide range of side services like "login with your google/facebook/whatever account" and "Forgot your password" retrievals. But it also allows for full token authentication, and access rules.
Sources:
https://firebase.google.com/
https://medium.com/firebase-developers/what-is-firebase-the-complete-story-abridged-bcc730c5f2c0
https://howtofirebase.com/what-is-firebase-fcb8614ba442
as u have api already then what u can definitely use firebase for verifying the phone number of user & then continue him to register that way u can get verified phone number of user.
u dont have to save phone number of user u can get it using
await FirebaseAuth.instance.currentUser().phoneNumber
what shared preference is used for is to store basic info about user like phone number, username, isLogin etc. but if u care about security which i dont think u need to worry about u can use another package like hive which uses AES 256 CBC with PKCS7 padding encryption.
This question already has an answer here:
Why is it okay to allow writes into Firebase from the client side?
(1 answer)
Closed 3 years ago.
If I use the prod environment variables in my App and set the server side rules for Firestore, would my app be completely secure to perform CRUD and authentication? I am asking this because I have been seeing Angular tutorials by pretty famous YouTube content creators (Fireship) and they do not touch server side code and still show how to make a production applications. All the tutorials use only Angular and some libraries to produce the apps and features but then the console on Google says not to expose the API keys. Using only client side Angular even in production environment variables exposes the private keys right?
So in short, should I be using Node to CRUD and Auth with Firestore, or server-side rules on the console works safe?
The configuration that you use on the client to get it to communicate directly with Firebase services is does not include a private API key. Much has been said about this in various forums over the past few years. The thing you see that might be labeled an API key is actually public information. It helps the client library locate the project it's working against. The API keys you want to hide are those that exposed direct access to other billed services, including Google Cloud service accounts.
You limit access to Firebase backend services (Cloud Firestore, Realtime Database, Cloud Storage) using security rules to determine what a user can or can not do with the data stored in it. If you don't do this correctly, you could have problems.
Whether or not you want to let the client access the services directly or make the client go through some middleware you write should be decided by other reasons, as discussed in this article.
This question already has answers here:
Has Yahoo suddenly today terminated its finance download API?
(4 answers)
Closed 5 years ago.
Has Yahoo stopped data feed service?
I was getting data using this link below until wednesday. Then stopped...
http://download.finance.yahoo.com/d/quotes.csv?s=AAPL+GOOG+MSFT&f=snbaopl1
Someone pointed out that URL has changed to this one below, but this doesn't work either...
http://finance.yahoo.com/d/quotes.csv?s=AAPL+GOOG&f=snbaopl1
It has come to our attention that this service is being used in violation of the Yahoo Terms of Service. As such, the service is being discontinued. For all future markets and equities data research, please refer to finance.yahoo.com.
It seems that Yahoo unfortunately discontinued the service.