Your plugin keys are exposed

If you use third party plugins, your API keys are exposed in the developer console.

I would imagine this depends on the developer and how careful they are with exposing private keys? Is this a 3rd party Stripe plugin?

1 Like

The Stripe, Segment, and Mixpanel plugins are all from Bubble

From Stripe’s docs about the publishable key

Can be publicly-accessible in your web or mobile app’s client-side code

But those are all public keys, no?

Nothing to see here.

This topic was automatically closed after 14 days. New replies are no longer allowed.