Security and redirects

I am using Bubble with a domain purchased from GoDaddy, with DNS changes to allow for Sendgrid to send emails. I am using the Stripe from Bubble plugin, and everything is going great.

However, just recently a user was redirected (from Stripe) (after purchase), to a completely different/spam website.

This has happened once before on some webprojects where the htaccess file had a redirect that could be hijacked, but this is a little different…

Has this happened to anyone before? Best practices to take so this doesn’t happen?

User privacy rules are completely disabled from the public, and my application is set as private. Any help would be appreciated.

Hey @cameron1,

Did you set the correct redirection site in your Stripe account? I’m not seeing this behavior in any of my apps.

This may be something I’m overlooking. I cannot see any indiciation of this inside Stripe. Do you have any pointers?

Settings > Customer Portal > Default redirect link

1 Like

This topic was automatically closed after 14 days. New replies are no longer allowed.