If I were to make a 100% client-side app with Firebase as the backend, how would I prevent somebody from taking all my static files, changing the Firebase references to point to their own Firebase, and releasing a competing product?
如果我使用Firebase作为后端制作100%客户端应用程序,我将如何阻止某人获取所有静态文件,将Firebase引用更改为指向他们自己的Firebase,以及发布竞争产品?
1 个解决方案
#1
11
This is technically a possibility (there's no way to prevent it outright), but it isn't isolated to Firebase. With the move towards rich, client-side web apps, more and more of the "interesting" application logic lives in the client and could be examined or copied. However there are a few mitigating factors:
这在技术上是可能的(没有办法完全阻止它),但它并不是与Firebase隔离的。随着向富客户端Web应用程序的转变,越来越多的“有趣”应用程序逻辑存在于客户端中,可以进行检查或复制。但是有一些缓解因素:
- The most direct way to prevent this is through code obfuscation/minification (e.g. using something like UglifyJS). This results in JavaScript that can't be reasonably understood or modified. The vast majority of web apps use this technique.
- 防止这种情况的最直接方法是通过代码混淆/缩小(例如使用类似UglifyJS的东西)。这导致无法合理理解或修改JavaScript。绝大多数网络应用都使用这种技术。
- Firebase lets you write fully client-side apps without writing any server code, but it certainly doesn't force this upon you. There are server clients for Node.JS and the JVM so that if you do have proprietary logic that can't be public, you can easily run it on your own servers.
- Firebase允许您在不编写任何服务器代码的情况下编写完全客户端应用程序,但它肯定不会强制执行此操作。 Node.JS和JVM都有服务器客户端,因此如果您拥有无法公开的专有逻辑,您可以轻松地在自己的服务器上运行它。
- In general, there's a lot more to a product than the code. :-) (Brand, marketing, customer acquisition, and most importantly, all of the experience and knowledge you get from building the product)
- 一般来说,产品比代码要多得多。 :-)(品牌,营销,客户获取,最重要的是,您从构建产品中获得的所有经验和知识)
#1
11
This is technically a possibility (there's no way to prevent it outright), but it isn't isolated to Firebase. With the move towards rich, client-side web apps, more and more of the "interesting" application logic lives in the client and could be examined or copied. However there are a few mitigating factors:
这在技术上是可能的(没有办法完全阻止它),但它并不是与Firebase隔离的。随着向富客户端Web应用程序的转变,越来越多的“有趣”应用程序逻辑存在于客户端中,可以进行检查或复制。但是有一些缓解因素:
- The most direct way to prevent this is through code obfuscation/minification (e.g. using something like UglifyJS). This results in JavaScript that can't be reasonably understood or modified. The vast majority of web apps use this technique.
- 防止这种情况的最直接方法是通过代码混淆/缩小(例如使用类似UglifyJS的东西)。这导致无法合理理解或修改JavaScript。绝大多数网络应用都使用这种技术。
- Firebase lets you write fully client-side apps without writing any server code, but it certainly doesn't force this upon you. There are server clients for Node.JS and the JVM so that if you do have proprietary logic that can't be public, you can easily run it on your own servers.
- Firebase允许您在不编写任何服务器代码的情况下编写完全客户端应用程序,但它肯定不会强制执行此操作。 Node.JS和JVM都有服务器客户端,因此如果您拥有无法公开的专有逻辑,您可以轻松地在自己的服务器上运行它。
- In general, there's a lot more to a product than the code. :-) (Brand, marketing, customer acquisition, and most importantly, all of the experience and knowledge you get from building the product)
- 一般来说,产品比代码要多得多。 :-)(品牌,营销,客户获取,最重要的是,您从构建产品中获得的所有经验和知识)