Security and redirects

cameron1 · April 12, 2021, 4:09am

I am using Bubble with a domain purchased from GoDaddy, with DNS changes to allow for Sendgrid to send emails. I am using the Stripe from Bubble plugin, and everything is going great.

However, just recently a user was redirected (from Stripe) (after purchase), to a completely different/spam website.

This has happened once before on some webprojects where the htaccess file had a redirect that could be hijacked, but this is a little different…

Has this happened to anyone before? Best practices to take so this doesn’t happen?

User privacy rules are completely disabled from the public, and my application is set as private. Any help would be appreciated.

johnny · April 12, 2021, 4:23am

Hey @cameron1,

Did you set the correct redirection site in your Stripe account? I’m not seeing this behavior in any of my apps.

cameron1 · April 12, 2021, 4:32am

This may be something I’m overlooking. I cannot see any indiciation of this inside Stripe. Do you have any pointers?

johnny · April 12, 2021, 5:31am

Settings > Customer Portal > Default redirect link

system · April 26, 2021, 4:10am

This topic was automatically closed after 14 days. New replies are no longer allowed.