I assume Bubble prevents against SQL injection in all input fields, etc. Can anyone confirm?
Additionally, with the new Vanilla Rich Text Editor (i.e., WYSIWYG), I confirmed with it’s author that the HTML text is being converted to plain text on the client and then Bubble stores it as plain text. So, I assume this makes the HTML from this plugin also guarded against SQL injection, right?
Seems like this is the only other post on the topic here in the forum.
So I’m going to guess there’s nothing we need to do (like like limiting character types on input fields) in order to prevent SQL injections ?
But XSS might be another topic…
