Today we're pleased to announce that Firebase databases now support SSL. This is the first of many steps we will be taking in the coming months to make Firebase the most secure way to build your cloud application.
This means that both the Firebase JS include and the packets that are transmitted between the Firebase server and your users' browsers will be encrypted.
For developers who are new to Firebase, please see our updated documentation. For developers who have used Firebase previously, you'll need to change two things:
1. Your Firebase JS Include
You should alter the script tag in your page
https://cdn.firebase.com/js/client/2.4.2/firebase.js
Concretely this will look like:
<script src="https://cdn.firebase.com/js/client/2.4.2/firebase.js"></script>
2. Your Firebase URL References
Each piece of data inside Firebase has its own URL -- that is one of our core concepts. To use SSL for sending and receiving data from your clients, these URLs will need to be altered to use 'https', for example:
https://SampleChat.firebaseIO.com/
var myRootRef = new Firebase("https://SampleChat.firebaseIO.com/");
We understand that SSL is just the beginnings of a comprehensive security system. We'll be making many more announcements over the coming months relating to security. Stay tuned!