Sternenwarte88
commented
3 years ago Hey, you donΒ΄t want to show this site on desktop?
Open thisisommore opened 3 years ago
Sternenwarte88
commented
3 years ago Hey, you donΒ΄t want to show this site on desktop?
thisisommore
commented
3 years ago @Sternenwarte88 I do want to show this site on desktop, it would be great if user can visit site on desktop too. If needed we can provide additional info like "this site is best viewed on mobile"
We can remove the width limit if interface is stable for desktop
Sternenwarte88
commented
3 years ago Ah okay. I will take a look again at evening. I think that's not a big problem.
thisisommore
commented
3 years ago @Sternenwarte88 great, let me know if you get into any issue, or cannot understand any code. Also feel free to file new issues.
Sternenwarte88
commented
3 years ago Hey @thisisommore Okay, taken a closer look and I would suggest:
thisisommore
commented
3 years ago Functional approach
thisisommore
commented
3 years ago Thanks for 1st I have never seen duplicate import in this repo. I will check it and will bring it here #24
thisisommore
commented
3 years ago @Sternenwarte88 Just to be clear, Are you looking to contributing by PR or helping me out with discussion ? Or both π ?
Sternenwarte88
commented
3 years ago Ah okay @thisisommore. I can do both, but useless work which you don't want is stupid haha Well then I make some changes and show it. Btw your firebase API should gone π don't give it open.
thisisommore
commented
3 years ago Thanks. Oh that API key, I will delete that and create new soon probably in .env file
Sternenwarte88
commented
3 years ago yeah bt you shouldn't upload this env file then
thisisommore
commented
3 years ago Yeah, it will in .gitignore π
thisisommore
commented
3 years ago @Sternenwarte88 I don't think it is risk to include keys in frontend, since there is no way to make request in frontend for firebase features like auth. Reference. https://stackoverflow.com/questions/37482366/is-it-safe-to-expose-firebase-apikey-to-the-public
Please let me know If I am wrong or if I missed something
Sternenwarte88
commented
3 years ago @thisisommore Well, If you configure your firebase database correctly it shouldn't be a big danger, but If a hacker knows your API and your URL it can be happen that he starts to attack it. So if you hide this information you take an attacker the foundation to attack. For example. You provide an Security key in your frontend so the attacker can go directly to your database. If you hide it in your backend, so the attacker has first crack your backend before he can get attacking your database and the chance to get sensitive Information, sich every Data from your clients is, gets lower.
It's often seen, that developer hide their sensitive information in their backends.
thisisommore
commented
3 years ago Yes, I can hide that in backend and create api with auth, but I guess for database attack firebase by default only allows certain host, and since firebase acts as backend key can be frontend, until it's not imp like private key. Creating separate api in backend and calling firebase auth functions there can create additional delay (Imagine for thousands req per sec) Between I am switching to different provided since firebase sometimes ask for captcha and sometimes disallows my phone completely.
Sternenwarte88
commented
3 years ago Uff x.x That's why I host on mongodb or host mongdb myself xD There is no such problems.
thisisommore
commented
3 years ago Oh, I did self hosted MySQL too :), but that goes offline after 24 hours and then manually needs to start it every time π
Pages like landing overflows vertically which causes the buttons like get started to go below user view port.