acaptutorials · acaptutorials · Sep 26, 2024 · Sep 26, 2024
diff --git a/docs/pages/changelog.mdx b/docs/pages/changelog.mdx
@@ -59,8 +59,8 @@ Version 2.0 and later versions may have new requirements that will thrive on new
 </Callout>
 
 <FAQBoxError title="💀 Version 2.0 - 2.1 Security Technical Debts:">
-1. **Flexible Firestore Database Use:** Version 2.0+ adopted a more flexible approach for handling data management, facilitating faster feature development by performing WRITE operations to the database directly from the web front end coupled with more lenient Firestore database Rules. However, this shift also introduced the potential for data to enter the database without the usual front-end controls through the Firestore REST APIs. While this was not an issue in Version 1.0, it emerged as part of the effort to enhance development speed and feature delivery starting with Version 2.0.
-2. **Cross-Site Scripting (XSS) Vulnerability in Crop Recommendations:** Related to item 1, the new process for editing WYSIWYG HTML-form crop recommendations input may allow unsafe or inaccurate content due to limited validation. Risks associated with this were recognized early in the process, but the focus on delivering core features led to a delay in integrating security measures.
+1. **Flexible Firestore Database Use:** Version 2.0+ adopted a more flexible approach for handling data management, facilitating faster feature development by performing WRITE operations to the database directly from the web front end coupled with more lenient Firestore database Rules. However, this shift also introduced the potential for data to enter the database without the usual front-end controls through the [Firestore REST APIs](https://cloud.google.com/firestore/docs/reference/rest/). While this was not an issue in Version 1.0, it emerged as part of the effort to enhance development speed and feature delivery starting with Version 2.0.
+2. **Cross-Site Scripting (XSS) Vulnerability in Crop Recommendations:** Related to item 1, the new process for editing WYSIWYG HTML-form crop recommendations input may allow unsafe or inaccurate content due to limited validation through the [Firestore REST APIs](https://cloud.google.com/firestore/docs/reference/rest/). Risks associated with this were recognized early in the process, but the focus on delivering core features led to a delay in integrating security measures.
 3. **Crop recommendations data integrity:** Ensuring that data presentations in PDF bulletins remain unaltered, trustworthy, and accurate is crucial for users and future developers. This priority stems from the concerns identified in items 1 and 2.
 
 > These issues, raised during the early 2.0 development phase, have been communicated to the new main ACAP Maintainer, who is also the new primary developer leading the creation and enhancement of new features for Version 2.0. The new Maintainer has made thoughtful decisions for balancing development speed with feature delivery, reflecting their understanding of the project's scope and the perceived security needs. They are open to addressing these issues as time and priorities allow within the ACAP project timeline.

diff --git a/docs/pages/references.mdx b/docs/pages/references.mdx
@@ -51,6 +51,7 @@ This section contains URL links to partners and various online references used b
 <div className="text-semibold text-sm text-purple-500 no-underline hover:underline">
 - [Firestore Web API](https://firebase.google.com/docs/firestore/quickstart)
 - [Firestore REST APIs](https://firebase.google.com/docs/firestore/use-rest-api)
+- [Firestore REST API (Explorer)](https://cloud.google.com/firestore/docs/reference/rest/)
 - [Firestore Rules](https://firebase.google.com/docs/firestore/security/get-started)
 </div>