Security: How to avoid Database Leaks on your Bubble app?

This is actually an edgecase which you have to account for.

If the user’s team is empty, the ‘User’s own team’ rule breaks down. This is because an unauthenticated user’s team (no team) is the user’s team (no team), so that privacy rule actually outputs a true.

Check out @georgecollier 's recent post about it.

1 Like