•  23-03-2022
  •  | 
  •  

Domanda

We are planning to use firebase custom token for securing our app. I am afraid that if the token is sniffed from wire, a malicious user can spoof a genuine user. Is there a way to secure against token hijacking?

È stato utile?

Soluzione

You should make sure to use SSL on the host page and all includes in your website to avoid this security threat.

Firebase and Firebase Simple Login already use SSL for all connections, so you'll just need to ensure that your site itself uses SSL as well.

Autorizzato sotto: CC-BY-SA insieme a attribuzione
Non affiliato a StackOverflow
scroll top