Anti-spam validations

[Vincent Le Quang]

Is there some ways to use the validation rules to prevent someone from spamming into a firebase connection?

Let's say I'm using firebase to let users store images, but someone found a way to script that through javascript and is now uploading an image every second. Is there something in the validation rule that identify an IP address or something, to prevent one person to upload if they just uploaded let's say 1 minute ago?

Thanks.

[Justin Noel]

Checkout this answer from one of the Firebase employees :  http://stackoverflow.com/questions/24830079/firebase-rate-limiting-in-security-rules

It shows how to add a rate limiting functionality.  I will say that it works pretty well generally.  However, for slow connections, it can be problematic in my experience.

[Vincent Le Quang]

Thanks Justin.

I checked out the JSFiddle (http://jsfiddle.net/firebase/VBmA5/), and just encountered something I wasn't aware of:

// authenticate

var auth = new FirebaseSimpleLogin(fb, function (err, user) {

    if (err) {

        logError(err);

    } else if (user) {

        userId = user.uid;

        data.sender = userId;

        $('#myid').text(user.uid);

        $('button').prop('disabled', false);

    }

});

auth.login('anonymous');

This seems like there's a way to do anonymous login in Firebase. I always thought that for anonymous users, I just let them touch any firebase node without any validation check, but actually with 'anonymous' login I'd have much better control over what they can and cannot do.

Now the search for FirebaseSimpleLogin show that it got deprecated. What's the general way of doing anonymous login now?

[Michael Lehenbauer]

It's even easier now that FirebaseSimpleLogin is deprecated.  Just call ref.authAnonymously.  https://www.firebase.com/docs/web/guide/login/anonymous.html

--
You received this message because you are subscribed to the Google Groups "Firebase Google Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to firebase-tal...@googlegroups.com.
To post to this group, send email to fireba...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/firebase-talk/5c5cba85-2d0d-4782-ad45-4a8408b9b88d%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.