You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The current Firebase security rules make document history append-only. This means that once a document's URL gets out, it's full history is forever accessible to the the world.
What's worse, deleting text in the editor seems to do the job. There is no hint yet in the UI that older versions are there — but recovering older text is not really hard.
This is not defensible. Users universally expect the ability to delete forever content they created (and sometimes sue for this).
But there is a tradeoff with vandalism. Allowing anyone who saw your work to delete it entirely is also bad. I'm not sure I want to support this until I have logged-in users who "own" a document.
A related alternative (closely related to #91) is retaining the document but locking down access — even read access — to require a longer secret URL.
The text was updated successfully, but these errors were encountered:
The current Firebase security rules make document history append-only. This means that once a document's URL gets out, it's full history is forever accessible to the the world.
This is not defensible. Users universally expect the ability to delete forever content they created (and sometimes sue for this).
But there is a tradeoff with vandalism. Allowing anyone who saw your work to delete it entirely is also bad. I'm not sure I want to support this until I have logged-in users who "own" a document.
A related alternative (closely related to #91) is retaining the document but locking down access — even read access — to require a longer secret URL.
The text was updated successfully, but these errors were encountered: