0

i have a chat application with firebase and i recieved warning to my email told me to change my database rules and when i clicked i moved to my database rules i saw this:

rules_version = '2';

// Craft rules based on data in your Firestore database
// allow write: if firestore.get(
//    /databases/(default)/documents/users/$(request.auth.uid)).data.isAdmin;
service firebase.storage {
  match /b/{bucket}/o {

    // This rule allows anyone with your Storage bucket reference to view, edit,
    // and delete all data in your Storage bucket. It is useful for getting
    // started, but it is configured to expire after 30 days because it
    // leaves your app open to attackers. At that time, all client
    // requests to your Storage bucket will be denied.
    //
    // Make sure to write security rules for your app before that time, or else
    // all client requests to your Storage bucket will be denied until you Update
    // your rules
    match /{allPaths=**} {
      allow read, write: if request.time < timestamp.date(2023, 8, 23);
    }
  }
}

what should i do? i'am not profisional with firebase

Doug Stevenson
  • 297,357
  • 32
  • 422
  • 441
Phoenix Phoenix
  • 35
  • 3
  • You will need to learn how rules work and write them so that they match the security requirements of your application. There is really no workaround to this unless you don't mind anyone being able to read and write your database. See the documentation: https://firebase.google.com/docs/firestore/security/get-started – Doug Stevenson Aug 21 '23 at 15:45
  • In addition to Doug's comment and link, notice that you've shared the rules for Cloud Storage and you'll instead want to update the ones for Cloud Firestore. While both of those products use a very similar rules language, the products themselves are quite different and completely separate - so writing rules for one won't affect the other. – Frank van Puffelen Aug 21 '23 at 16:28

0 Answers0