42 results found
-
Offer no bill in case of small website spam which could cause a houndred dollar bill for no reason.
When I chose to use Firebase. It was because it was a free database for small webpages with 10 SMS/day. Now, it seems that you changed the terms when I already put a lot of effort into using firebase. Now I need to use a Blaze plan for 10 SMS/day. This means the following: "Now I might get spammed by any hacker using a VNP + a bot". It doesnt matter how much time I spend on setting up anti-spam defense. I could still get spammed and have to pay thousands of dollars right? I have 2 solutions:
- You could…
1 vote -
VENDORS and Developer illegal claims of software
AAll Windows, PS4, PS5, XONE, XSXS online cost for play online games are starting at $10 up to 200 . The cost per hour online will cost 5 and hour. Where counting down the amount of hour children are allowed to play or Regulating these Councils because you don't learn anything from these game . We planning on adding a military testing 2 player shooting mode online for Educational purposes. These Simulator are binary military development platforms that civilian that unlisted one year in basic training get use those Simulator for team training Exercise . Cost for Devops package will…
1 vote -
Disable build script in `firebase deploy` OR enable env configurations
Right now there's not the ability to select a build configuration. I want that either firebase leaves to the developers the option to build the app, or that a developer can instruct firebase to use a specific build configuration.
1 vote -
Site Not Found
i have deployed and when i try to go on default site i see site not found
1 vote -
Allow a function to set the headers of a hosting endpoint dynamically
Right now there does not seem to be a way to dynamically set the headers of a hosting response using a function.
Among other things, this makes it impossible to use a nonce.
1 vote -
dynamic robots.txt and favicon
Add capability to dynamically change robots.txt and favicon. The current behavior returns 404.
3 votes -
BlackList for Hosting
Please block access from this UserAgent.
"Bytespider; spider-feedback@bytedance.com"3 votes -
Secure Transport Layer Implementation
The "Secure Transport Layer Implementation" idea centers around fortifying the application's transport layer to mitigate vulnerabilities, particularly the risk of insufficient protection against attacks like POODLE. This vulnerability exposes the application to potential exploits, compromising the confidentiality and integrity of data exchanged between the application and its users.
Insufficient transport layer protection opens the door to various security threats, including man-in-the-middle attacks, data interception, injection of malicious content, and communication redirection. These threats undermine the trustworthiness of the application and jeopardize user data security.
To address this vulnerability effectively, it's imperative to reinforce the application's transport layer security by implementing…
12 votes -
Full-stack preview channels
Hosting preview channels are great, and work well for client-side code, however for full-stack apps that require a server (either for SSR or API routes), the preview channel uses to the 'main' server as a backend. It would be great if the server side code also got deployed to a new firebase function and was managed alongside the hosting preview.
3 votes -
Firebase hosting timeout should be configurable
I am using cloud run to and firebase hosting to have a custom domain to access my application.
I know Firebase doc mentions :
Firebase Hosting is subject to a 60-second request timeout. If your app requires more than 60 seconds to run, you'll receive an HTTPS status code 504 (request timeout).But I need to increase this timeout, since my cloud run app has a function to process data and write to an excel that can take up to 3mn.
1 vote -
Support yarn and/or pnpm for frameworks
Currently frameworks only used npm
This can cause issues if using yarn or pnpm, and npm does not read the lockfile and you can end up with different versions of dependencies in production
Deployments with frameworks should detect the package manager used
3 votes -
The ability to turn on/off the decoding of encoded data url in firebase.json
When I hosted a frontend client (React JS) and backend (NodeJS) server in hosting and functions combination, there were some scenarios where in I needed to send data (to server) which contained slash (so encoded them).
This was where the problem rose, the encoded component was automatically decoded by the firebase hosting itself and sent the wrong url to the underlying server.
Therefore firebase should give us the ability to turn on/off the decoding of encoded data url in firebase.json
my current firebase.json file -
{
"functions": [
{
"source": "functions",
"codebase": "default",
"ignore": [
"nodemodules",
".git",
"firebase-debug.log",
"firebase-debug.…3 votes -
Manage minInstances setting of pinned functions of previous releases
Pinned functions of previous releases keep their minInstances setting. E.g. after deploying 10 times with a minInstances setting of 1, there will be 10 idling instances but only the newest revision handles all the traffic. Yet the remaining 9 instances' idle time is billed as well because the function is still addressable through the revision tag.
This also affects the maxInstances setting: With a maxInstances setting of 10, the newest Cloud Run revision which handles 100% of the traffic won't be able to scale anymore.
As far as I know, the only way to handle this right now is to…
5 votes -
Pass all cookies to Cloud Functions or Cloud Run
Right now only a _session Cookie is passed.
https://firebase.google.com/docs/hosting/manage-cache#usingcookies5 votes -
Hosting CDN cache stale-while-revalidate
Time-to-first-byte from Firebase Functions is usually slow (more than 500ms) even without cold start, sometimes (with cold starts) TTFB becomes absolutely unacceptable for projects where performance is important. SSRed HTML is also not Brotli compressed as static files.
This is a really big problem to deploy SSR web apps to Firebase IMO, and cache SWR at the CDN layer (edge) would solve it perfectly.5 votes -
View custom domain setup DNS configurations
After a Custom Domain is set up on a site, there's no way to view what the correct DNS records should be.
4 votes -
2 votes
-
X-User-Country header when proxying to Google Cloud Run
App Engine and Cloud Functions send X-AppEngine-Country to app servers, which is useful for serving regional content to users.
Google Cloud Run doesn't receive the same headers. GCR can receive this header through load balancer custom headers (https://cloud.google.com/load-balancing/docs/https/custom-headers), but it'd be great if it were supported through Firebase Hosting directly without any extra configurations.
5 votes -
Restrict Unauthenticated PURGE requests
At the moment Hosting is using Varnish cache which developers do not have access so they can't configure it, this leaves a small window for people to continuously Purge the page and increase the developer's usage
9 votes -
CI & CD for deployments
Git based CI & CD auto deployments would really be a game changer, it can be integrated to things like cloud run and enable this. Half the time I use tools like vercel and netlify because of lack of auto deployments in firebase
2 votes
- Don't see your idea?