-
Notifications
You must be signed in to change notification settings - Fork 1
Security Issues
The main functionality of the application does not involve storing or processing sensitive information, so the two security concerns are authenticating users and preventing malicious activity by users once they are logged in. User authentication will be handled using Firebase's drop-in authentication solution. This will allow our application to provide login functionality without the need to store user credentials locally. Because the application provides search and filter functionalities that rely on an external service, there is a potential security concern regarding malformed or malicious input from a user. To prevent such attacks, the input from the user will be validated before being sent to the external service. The filter functionality will be written to properly handle edge cases (no results, no filters selected, etc) to prevent exploitation of any unexpected behavior of the application.