-
Notifications
You must be signed in to change notification settings - Fork 0
Security Issues
nicolekaate edited this page Oct 30, 2022
·
6 revisions
The app will request personal information such as the user's name and date of birth. This is entrusted to Firebase's Security. The implementation of a search bar and various other text inputs that are parsed and sent to the database allows for possible attack vectors. Via XSS attacks, the attacker could send a script to an unsuspecting user. The end user would have no way to know the script should not be trusted, so the script will be executed. To mitigate these possible entry points, inputs will be sanitized before being parsed. There is also little personal data being stored within the app to lessen the chance of leakage.