•  23-03-2022
  •  | 
  •  

Pergunta

We are planning to use firebase custom token for securing our app. I am afraid that if the token is sniffed from wire, a malicious user can spoof a genuine user. Is there a way to secure against token hijacking?

Foi útil?

Solução

You should make sure to use SSL on the host page and all includes in your website to avoid this security threat.

Firebase and Firebase Simple Login already use SSL for all connections, so you'll just need to ensure that your site itself uses SSL as well.

Licenciado em: CC-BY-SA com atribuição
Não afiliado a StackOverflow
scroll top