Is there a way to restrict Cloud Firestore (for hosting/web) to do CRUD operations with restrictions to one domain only, say xyz.com?
For example, the rule below locks read, update, delete without authorisation but you can still write things to the database.
service cloud.firestore {
match /databases/{database}/documents {
match /coming-soon-email-ids/{document=**} {
allow write;
allow read, update, delete: if request.auth.uid == !null;
}
}
}
Or do I have to integrate Google's firewall in it?
See Question&Answers more detail:
os 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
