Yes, it’s not new
It was the flusk interface before right ?
Yes, it’s just reskinned
Still not the same results between flusk and this new version thats whay i asked as well ..
What’s your bubble app ID?
And for example, lets say i create only a new privacy rule for a data type like “current user is admin and loggued in” - for everyone else nothing is checked. Still i get an error on the issue check -
As per your question, when i use tool like : https://check.tinkso.com/ i have no problem with privacy rules..
Tinkso only checks the data API.
I will work a little bit more and get back to you if needed, many thanks for your help
I’m also experiencing the same issues. The scan is flagging privacy rule problems that don’t actually exist. And when checked with : https://check.tinkso.com/, nothing shows up… My theory is that Bubble is logging in as a user (and once logged in, it would have access to data that logged-out users wouldn’t)… not sure though.
Thanks for your answer … I spent 5 hours on this ….trying to understand
Aside from that, the alert doesn’t make it clear where the information is supposedly being exposed…
It would be great if we could have access to that detail so we could properly investigate it.
I did not get the same issue with flusk though
Tinkso only checks exposed data API.
Security dashboard checks actual data leakage
FYI / CC: @lindsay.esterman