Forum Academy Marketplace Showcase Pricing Features

How to securely implement 'anyone with this link can view this page'

How can I set up ‘anyone with this link can view this page’-type functionality, similar to when you share a Google Doc?

Example from Google Docs:

Context:
I have a site which has only two data types: ‘Users’ and ‘Prospects’. My site has 2 pages.

Both pages are set to have the type ‘Prospect’. Each page contains elements like files, videos, and text, which are populated dynamically when the page loads based on which Prospect is used to populate the page.

Screenshot 2020-09-16 at 12.30.23

My goal is that only people who have a specific URL (one which includes a valid prospect identity) should be able to view the pages.

To avoid people being able to load these pages by simple guessing the URL, I have added a random 6-digit number to the end of the ‘slug’ field for each prospect. I have put all of the elements of a page into a group, and set the group to only be visible if: ‘search all Prospects contains Current Page’s Prospect’:

Screenshot 2020-09-16 at 12.21.55

For example: www.myapp.com/page-1/prospectA loads Page 1, runs a search to see if my database of Prospects contains ‘prospectA’, and then if it does it makes the elements of the page visible. The elements themselves (e.g. Video, text etc.) are then populated dynamically (e.g. ‘Current Page Prospect’s Video ID’).

This is all good, and working fine.

My question is whether this is in fact secure or not – in particular, I’m concerned about the step when the page is loaded, and bubble runs a search through all Prospects in my database to see if one matches with the data included in the URL.

For example, is there a risk that someone could somehow extract the list of all Prospects in my database, and then use that information to construct a valid URL needed to load a prospect’s information on a page?

Thanks in advance!

From the Bubble Manual

-Steve

Thanks Steve. Do you have any ideas how I could use privacy rules in this case to keep the data private, while also enabling the functionality of ‘anyone with this link can view this page’? Thanks

Well, AFAIK, “keep the data private” and “anyone with this link can view” are completely opposite things, and a page can’t be both at the same time. The latter means that the page is public; it’s just that the URL is difficult to guess, and so it’s highly unlikely someone who hasn’t been directly provided the link will discover it.

That’s also true for the Google Doc link you referenced as an example. That doc is not “private” at all. If someone with that link posts it to social media or otherwise broadly shares it, then anyone with that link can access the document.

If that’s what you’re after, then sure, it seems like you could just create a URL that would be difficult to guess. Bubble’s new Page Slug feature could come in handy for that. It might be as simple as generating a “hash” from a Thing’s unique ID to serve as the page slug.

If, instead, you’re after truly “private” data, then I think the only way to have direct control over who sees the resource is to require logging into an account on your app.

-Steve


Premium Bubble Plug-Ins

Thanks Steve. Yes, I don’t need the page to be truly private. I’m comfortable with the small possibility that someone could randomly guess the link, but I just want to avoid the possibility that someone (most likely, someone who already has one valid link) could find other valid Prospect slugs if they are somehow being exposed on the page.

Just to double check on that: if I load a page, is a list of Prospects being sent from the bubble server to the user’s computer, or is that search of the database happening entirely on bubble’s server? If the latter, I think I’m good to go because no other Prospect’s slug would be sent to the user’s computer.

If a list of prospects is in the search results (i.e. if there’s a list of prospects on the page somewhere), then yes. The search itself happens on the server. It’s the results of the search that are sent to the client (browser). Again, be sure to use privacy roles to control view access to data.

Thanks. No, there’s no list of prospects in the search results. I’d use privacy roles to be doubly sure, but that breaks the desired functionality of allowing users to view material on a page based only on a unique URL. Thanks!