Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security Questions for Installation and Session #4356

Closed
jjdp opened this issue Nov 16, 2017 · 1 comment
Closed

Security Questions for Installation and Session #4356

jjdp opened this issue Nov 16, 2017 · 1 comment

Comments

@jjdp
Copy link

jjdp commented Nov 16, 2017

  1. I'm setting all count clps to {} for all my classes since we don't need it. On the _Installation Class, are there any side effects on parse-server's side? Like for example notifications.

  2. Are there any side effects on parse-server if I set all clp to {} on the _Session Class
@flovilmart
Copy link
Contributor

You may have side effects if you set CLP’s on sessions, while I’m not sure which, they are secured by ACL’s and additional checks.

On installations, you need clients to be able to write to installations for push to be working properly. Find operations are disabled. See the docs for more info, in the security sections.

Also, we can’t guarantee thAt your CLP’s won’t interfere with what you expect in the SDK’s, if you prevent installation / session creation, from CLP, there’s a high chance logins, signups and push’s won’t be functional.

@montymxb montymxb changed the title Security Questions for Insallation and Session Security Questions for Installation and Session Nov 16, 2017
@dplewis dplewis mentioned this issue Apr 21, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@flovilmart @jjdp