Forum Academy Marketplace Showcase Pricing Features

Bubble Plugin Exposed in Console

Hey Bubble,

short question: I am developing a plugin, however the plugin is exposed in the console. Is there any possibility to no expose the plugin beneath “no domain”? This would be awesome!


Thanks and best!

What you want to not exposed? Code or keys?

Hey Ankur,
the code. If this is not possible, at least not showing up as (no domain).


Isn’t it minified in production? Take a look in an actual installation and not in the test mode of the plugin and let us know here what you see :blush:


And while @vini_brito has a good point, I can attest to the fact that minification can’t prevent someone with the motivation, a modicum of web savvy, and some familiarity with dev tools from reconstructing an exact duplicate of your plugin. (This happened to me recently.)

I won’t elaborate further, but suffice it to say that there are, unfortunately, unsavory types who lack the time, skill, and/or creativity to create something original from scratch and will resort to such tactics. :neutral_face:

1 Like

If interested, I’m available to talk through your problem live (am currently hosting free office hours - see here)

That said, I do not believe it is possible to hide your client side plugin’s code from the… erm, client. That’s just the nature of the beast. Instead, the best (only?) mechanism you have at hiding this is rebuilding the plugin so that it’s a server side plugin.

Thanks a lot for your responses! I’ve deployed the actual plugin and installed it, however the same issue persists

I guess the question is two-fold: The first one is minifying the plugin code/ somewhat hiding it, however the even more pressing point is the following: If am under Chrome DevTools, go to sources and then under (no domain), some plugins - including mine - are displayed. However, I do not want the plugin to show there - so, not displaying the plugin under (no domain).

Screenshot is attached:

Question: How can I get those plugins not displayed as (no domain)?

Thank you!

There are two scenarios to properly hide the code of your plugin:

  1. For your personal website, avoid using plugins and adopt the traditional approach. Write a script for all your plugins, then minify them, and call the functions using the toolkit plugin with the ‘run JavaScript’ action.

  2. For commercial purposes, Bubble requires that you include the demo and editor links in the plugin instructions, which some may find odd as the code is easily accessible in folders with the exact names of sections and actions. This could allow anybody with zero programming knowledge to copy the entire plugin in less than a minute. Bubble in this case like someone opening a store for you and asking you to keep the back door widely open. It is not clear if Bubble intends to do this, but you can mitigate this by sending, first, the instruction with the editor and demo links to have Bubble accept your plugin, then create a second version of the plugin with instructions that do not include those links but instead have a link for a short youtube video demonstrating how the plugin works, and which concern the instructions, you can use GitBook to yield better clarification. Additionally, it is recommended not to use a monthly pricing model unless you have a server-side, as this will expose your code again.

And for those who have a strong intention for open source notion, I know open source is very important to create collaborative progress faster and wider, but on the other side, this notion was founded, in the first place, on the willingness of the programmer to share their work with others who will make an additional effort to build something new, not with novice copycat.

Obfuscate and inject dead code. It’s 1 option to dissuade maldoers

I know what you say is true, @jared.gibb, but the goal of minification is removing unneeded script and reducing the size of the overall package.

As far as dead code injection, just running modern minification on a script with dead code can easily remove the dead code. So this fairly pointless.

Also, because property mangling is fairly dangerous in Bubble, there’s a bit of a limit to how obtuse/obfuscated one’s code can get.

So, I don’t worry too much about the “scumbag” concern (though believe me, there are no-talent scumbags in the Bubble plugin community).

Instead I’ve been trying to encourage plugin devs to understand that Bubble no longer auto-minifies production code (as I recently mentioned here: So, Like, When *did* the Plugin Builder Stop Minifying Code?) and I’ve shared how I minify plugin code in observation #2 here - Random Observations About the Plugin Builder though note that at the time of that post I just thought auto-minification had changed, not gone away entirely).

Have you tried Babel?

Hey @doug.burden - well not for Bubble because we don’t generally need a transpiler (unless you want to write typescript or something). It was certainly common to have chains like Babel (transpile) > Uglify (minification/mangling), but Uglify is now deprecated so Terser is really the only game in town these days (and there’s an excellent VS Code plugin for that).

Visual Studio?

Yeah, Visual Studio Code editor (also pretty much the only game in town in the category of code editing these days).

1 Like

Unfortunately, there’s no way to get your plugin unlisted from that list :frowning: