Today we’re releasing an update to The Ultimate Guide to Bubble Security. The update is free for all buyers of the book.
How do I get the update?
Simply log in to your Gumroad account and you’ll find all your products on this page: https://www.gumroad.com/library. The file has been updated so all you need to do is download it again.
Searches versus lookups
This introduces a new section on the nature of Bubble searches and explains the difference between a search and a lookup and how this, and the use of a Thing’s Unique ID affects your security.
This section uncovers a few typical pitfalls that many Bubble developers are unaware of, that can allow unauthorised Users to make changes in your database even to Things they shouldn’t have access to in the app’s privacy rules. For those who are particurarly interested in this topic, it’s also discussed with multiple examples in this thread on the Bubble forum.
You’ll find the new section on page 151.
Free security checkup
The book now also includes a link to the security checkup tool of renowned Bubble agency Tinkso. They offer a free online tool that reveals many of the most common security flaws in Bubble applications.
You’ll find this mentioned on page 306, and the tool is available here: https://check.tinkso.com/