Firebase token hijacking

Firebase Security

We are planning to use firebase custom token for securing our app. I am afraid that if the token is sniffed from wire, a malicious user can spoof a genuine user. Is there a way to secure against token hijacking?

Kartik

Jump to: Answer 1

Answers (1)

You should make sure to use SSL on the host page and all includes in your website to avoid this security threat.

Firebase and Firebase Simple Login already use SSL for all connections, so you'll just need to ensure that your site itself uses SSL as well.

Andrew Lee

Answers (1)

Related Questions

Sign In