Hi community,
I’ve removed insecure and autopublish packages from my Meteor project, but if i use Meteor DevTool on chrome, i can see all information : collections, packages, etc.
Exemple off my allow in /import/api/Collection.js :
import { Mongo } from 'meteor/mongo';
export const Collection = new Mongo.Collection('collection');
Collection.allow({
insert: function(userId, doc) {
return !! userId;
},
update: function(userId, post) { return true; },
remove: function(userId, post) { return true; },
});
I think the problem is here, but i don’t know why all client is not secure.
Any idea ?
Thank you guys !