Basically, by disallowing read access to /users in the Firebase security rules (which you should do), the latter 50% of the article would be moot. However, the HTML injection is interesting. Be extra careful to validate data when using dynamic jQuery selectors?