Firebase托管:防止未经授权访问URL

本文介绍了Firebase托管:防止未经授权访问URL的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述

我正在尝试保护Firebase身份验证后面的某些页面-但是每次尝试打开它们时-我似乎都能够浏览到它们.即使当我按照文档进行操作时.

I am trying to secure some pages behind firebase auth -however every time I try open them - I seem to be able to browse to them. Even when I follow the documentation.

我似乎仍然找不到限制该页面只能由授权用户访问的限制.

I can't seem to find anyway to restrict the page to be accessible only to authorized users.

有人知道如何最好地解决这个问题吗?

Any idea how best to approach this?

看起来，如果不构建大量自定义代码，则不直接支持它.如果他们可以支持简单的htaccess文件或类似文件，那将是很棒的选择. -这是发布功能请求的链接 firebase.google/support/contact/bugs-features/

Looks like its not supported directly without building a lot of custom code. It would be brilliant if they can support a simple htaccess file or similar. - Here is a link to post feature request firebase.google/support/contact/bugs-features/

推荐答案

发布到Firebase Hosting的所有静态内容(HTML，CSS，JS和其他文件)都可以公开访问(如果您知道URL).您没有可以轻松配置的身份验证控件来更改此行为.

All static content (HTML, CSS, JS, and other files) published to Firebase Hosting is publicly accessible if you know the URL. There are no authentication controls you can easily configure to change this behavior.

如果您需要保护内容，则可以通过Cloud Functions设置一些代码检查用户的身份验证并根据其决定提供内容.

If you need to protect content, you could set up some code via Cloud Functions that checks the user's authentication and serves the content based on its decision.