Comments (12)
I'm going to try to check this this week.
EDIT: Finally I will be able to check this next week: September 23-29
from flutterfire.
I've checked on iOS and Android and I was able to retrieve the whole link with query params included.
Can you try to build the dynamic link via Firebase console to verify it is not a problem on the creation process?
from flutterfire.
Hi,
This is happening when a parameters is added to the ShortLinkURL, AFTER it has been generated.
Aka
a) Generate/Create a ShortDynamicLink.trasform it to a URI.
b) Take that URI and add some additional parameters. In my case it was going to be a more secure list id.
c) On receivers phone, when a user clicks on this "updated" URI ..the app gets launched, BUT these additional fields are not there, though no reason for them to be passed along.
from flutterfire.
Why are you adding the query params to the short link generated? I think that is not the way to go, you should pass the query params to the link before the short link is generated so Firebase returns those params in the URL resolved.
You have two ways to generate dynamic links:
- Short link
- Long links: https://firebase.google.com/docs/dynamic-links/create-manually
in both cases you can add query params to the link (in long links you have to URL encode the link in the link query param).
I think this is not a bug, we could add the original link the user clicks to PendingDynamicLinkData structure as a feature request, but I do not see any use case in which this is needed so I think we should not make the effort.
from flutterfire.
Thanks for quick response.
Here is the context:
I needed to make the link secure. I had a shared secret token which in short link was turning into 5-6 character token and was worried about it being hacked.
After creating this bug I found out about this attribute and started using that.
dynamicLinkParametersOptions: DynamicLinkParametersOptions(
shortDynamicLinkPathLength: ShortDynamicLinkPathLength.unguessable,
),
However I was still not sure if it was secure enough. As the new token though longer was around 17 characters (128 bit + 1 byte checksum?) so, I left the bug/feature request open in hope of being able to add additional longer token at end to be, doubly sure.
https://*.page.link/thPML8T8T9wqOers7
I will depend on your judgement about if it is secure enough to mark this issue close.
Thanks.
from flutterfire.
Hi, I understand your need to add some kind of security to your application, but I think the layer to do so is not in the link generation which is not secure enough, I think the way to go is once you have the dynamic link handled, combine the work in the app and server side to guarantee the user which is going to use the dynamic link can do the action the dynamic link represents.
I think you are trying to add security in a layer which is pretty issue to skip.
What do you think?
from flutterfire.
Yes.
The dynamics of the app would not allow for the mechanics of doing extra check in the app on receiving end.
Essentially the feature is equivalent to Google Drive feature of "Visible to anyone with the link".
https://drive.google.com/file/d/0BPHW_2QQcDuQc3RhjnRlcl0maWxl/view?usp=sharing
App is sharing a resource among users who otherwise have no handle to each other. Passing of link among them via messaging or email is the only way to permission the sharing of resource between them.
The issue is not a show stopper after I transitioned to "ShortDynamicLinkPathLength.unguessable". I also added extra time checks for validity of shared URL, so am more ok with what I have right now.
There could be alternate solution like adding few more bytes to the link generated to make it crypotgraphically secure. Will leave it to your discretion to close it.
from flutterfire.
Ok, I know understand your use case, I've added an attribute to PendingDynamicLinkData sourceLink
with the URL the user clicked which launched the event.
Try this
firebase_dynamic_links:
git:
url: https://github.com/mrmilu/flutterfire.git
path: packages/firebase_dynamic_links
ref: firebase_dynamic_links-0.5.0+5
from flutterfire.
Hello @jherencia @simpleapps4goodlife
I am facing the similar issue for passing and fetching query parameters for firebase dynamic links. Can you please answer me at stackoverflow question Here
Any help would be useful.
Thanks.
from flutterfire.
@JayM96 I would like not to spread the information in two channels: stackoverflow and here.
I'd be happy to help if you bring the communication here.
from flutterfire.
@jherencia I have opened an issue in the same package here. So you can answer (#1289)
Thanks for the reply
from flutterfire.
I'm going to close this as it is two major versions removed from latest, and the issue creator no longer exists.
from flutterfire.
Related Issues (20)
- [firebase_crashlytics]: Flutter App Crashes on Newer Devices After Submission to Google Play HOT 1
- [firebase_core]: <issue in android> HOT 1
- signInWithRedirect is of void type, but is stated as returning UserCredentials in the docs HOT 1
- FirebaseCoreHostApi.initializeCore HOT 2
- Domain=FIRAuthErrorDomain Code=17999 with firebase auth HOT 2
- [FirebaseAuth]: Unhandled Exception: type 'List<Object?>' is not a subtype of type 'PigeonUserInfo' in type cast HOT 1
- firebase_auth: Error: Type 'IdTokenResult' not found. HOT 3
- [firebase_crashlytics]: java.io.IOException: Breakpad symbol generation failed (exit=1) by GitHub Actions HOT 5
- [firebase_hosting] Wasm is not used in Flutter Web App HOT 2
- [firebase_messaging]: background proccesing messaging not working 17.5.1 ios HOT 1
- [cloud_firestore]: ListenSource.cache seems to be ignored for document snapshots HOT 1
- [firebase_core]: <runTransaction throws an exception on Windows.>
- [firebase_database]: Issue on web debug mode when listening to multiple onValue streams on the same path HOT 1
- [firebase_auth]: Flutter web release mode got this error when performing `signInWithPopup` : "UnImplementedError: signInWithPopup is only supported on web based platforms Flutter" HOT 1
- [firebase_messaging]: Scheduled notifications in Recipient time zone on iOS HOT 2
- [Database/unavailable] Service unavailable on Android after update - Possible impact of multiple database support? HOT 3
- Firebase phone auth returns: An internal error has occurred. [ Error code:39 ] HOT 4
- [AppCheck]: Pub get fails after share_plus releases new versions HOT 2
- [firebase_analytics]: Error on launchUrl of url_launcher HOT 1
- [web]: Dependency issue with other package using `web: ^1.0.0` HOT 8
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from flutterfire.