A few steps from Production

Everyone is convinced of the importance of firebase rules and I took too long to put my application in production mode and here I am facing two problems:

  • when my application is initialized then my blocks do not contain any instructions relating to my database (or else I have a problem with my view) I see a pop-up which displays firebase permission denied twice I press " continue "and my application works with minimum security rules so I would like to delete this pop up which does not reassure the user

    I disabled all the blocks, and I also see the pop ups

  • the other problem is the datachanged event which no longer works with a database protected at least with the REST APIs I was warned. in a post we mention a solution but I really don't understand it


If you are saying you would like to use Firebase with minimal security rules and for users to be unaware of it, then this is highly unethical.

The firebase component connects to the firebase on startup of the app, this is why you get the permissions exception. If there is no valid user connected at startup, you will get the exception.

If you ONLY use REST api, then this will not happen (unless your sign in credentials are incorrect)

Try the firebase error block, or the screen1 error block


what i call "minimum security rules" is that


"rules": {

"project bucket": {
  ".read": "auth.uid != null",
  ".write": "auth.uid != null"


Ok. You need to be more precise in what you are saying in future. Minimum security rules are where read and write are set to true for everyone.


thank you Tim for your observations indeed although I communicate with the database with the rest API I had left the database component and as I thought I used two databases in my project I had two so two pop ups

I would like to implement the datachanged event but in the post that allowed me to get to where I am I see on one side the parameters of a database and on the other this block


i think i need more than a spotlight

  1. You are referring this this:
    How to have Secure Rules on Firebase, and allow Auth Users to Read/Write
  2. The contents in the join blocks match with the entries in the firebase config, but you need the user email and password details, their uid, and the target project bucket at the top in order to sign in and get dataChanged information back..

It looks simple but I don't know what to do

for example I do not know what to attach the block above

You make the webviewstring :slight_smile:


with this block i think i have made the string i need to give to the script it expects

nothing happens when i modify my database i don't see anything in the webviewver i put visibility on true
according to what I understand the script is supposed to return the info which changes at the user level data i do not have in my base
what can i do to get the tag list when data changed ?

Are you using the webviewstring Changed event block and checking the value? The html file should load the webviewstring with data if the data changes. The html file will not actually display anything, if I remember correctly.

I use it for a while but it does not work
I added this in the script

document.write(wvstr) ;

t allows me to check what it receives and I can see the email, the pass etc...

These might help:

especially this:

David East makes it all look so easy !!! :smiley:

1 Like

not that much :confused:

Well, that is how you do it, and that is what is in my example.....

1 Like

for now I am going back to his first tutorial i create an index.html file, I added a child node in the database that I reinitialized and nothing happens when I type the text in the child node as he do it

OK I have it working from David's example (it has gone a little out of date....)

html file (you need all three js libraries, and I believe they need to match):

<!DOCTYPE html>
<meta name=“viewport” content=“width=device-width, initial-scale=1.0”>

	<title>FB Changes</title>
	<script src="https://www.gstatic.com/firebasejs/8.3.1/firebase-app.js"></script>
	<script src="https://www.gstatic.com/firebasejs/8.3.1/firebase-auth.js"></script>
	<script src="https://www.gstatic.com/firebasejs/8.3.1/firebase-database.js"></script>



<pre id = "object"></pre>
<script src = "app.js"></script>

app.js (put in your own firebase config data!!)

( function() {
  // Your web app's Firebase configuration
  const config = {
    apiKey: "AIzaSpTpXSV4",
    authDomain: "ao.firebaseapp.com",
    databaseURL: "https://ao.firebaseio.com",
    projectId: "ao",
    storageBucket: "ao.appspot.com",
    messagingSenderId: "6791398",
    appId: "1:6799911313b3d15e3f11bb287"

// Initialize Firebase
  const preObject = document.getElementById("object");
  const dbRefObject = firebase.database().ref().child("object");
  dbRefObject.on('value', snap => {
	 preObject.innerText = JSON.stringify(snap.val(), null, 3);

1 Like

Oh, and make sure that your rules for "object" are read/write:

"object": {
         ".read": true,
         ".write": true

*object" is created in the root of the database

1 Like

I loaded the html file and the script in the assets folder and now the modifications in the database made at the object level are visible in the webviewver :relieved:
when I add another node it is not visible in the web viewer
I have several questions for example can I replace object by my project bucket?
I know that I will have to go back to securing the database but for now I will leave the rules on true to try to recreate the equivalent of the datachanged block which allowed me to update my database in real time