My app uses the native Bubble/Stripe plugin, and also a few Stripe webhooks.
I’ve been working heavily to make my webhooks secure, as I came to realize they aren’t really secure at all to begin with.
Well after this realization, I began to wonder: “How secure are the actions in the native Bubble/Stripe plugin? Is it anything like a webhook?”
Specifically, I use some features like “Subscribe user to price” and then run a workflow after this. How secure is this? Can this be easily hacked to make Bubble think the “Subscriber user to price” went through, and then continue the workflow? Are there any security measures I need to add (like with webhooks) to make this secure?
Maybe the plugin is totally secure and nothing like a webhook, but I have to ask.
Thanks in advance!