-
Notifications
You must be signed in to change notification settings - Fork 39
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[建议] 使用AppFolder以提高安全性 #7
Comments
芜湖,竟然有人提 issue,刚看到。。 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
如果直接使用
Files.ReadWrite.All
, 应用将可以访问全部的文件, 对用户和开发者都不安全.但是如果使用
Files.ReadWrite.AppFolder
, 可以将应用的访问权限限制在应用程序文件夹内.要进行修改也很简单, 只需将
config.js
的scope
改成'openid https://graph.microsoft.com/Files.ReadWrite.AppFolder'
, 然后将api.js
中, url的drive/root:
替换成drive/special/approot:
即可.经本地验证, 行为符合预期
The text was updated successfully, but these errors were encountered: