I have noticed a concerning matter, as a user of the web app I created, I expect security of my information ( that’s why there is a login and password ), so I did a test:
I logged out of the web app, but I copied the URL showing before I logged out
I logged out, pasted the URL, and yet I was still able to access the screen with all its information, not only that, every link on that screen was still linking to everything.
This is highly insecure, is this behaviour normal? if no how do I fix it, once logged out you shouldn’t be able to access anything.
Hello, usually if you’re not logged in you should go to the Welcome screen if you enter any link in your app. If you’re experiencing a problem with it, you can send a ticket through this link: Submit a Support Ticket
somehow its not the case, I opened the ticket, and I changed the permissions to logged in only for everything, the information is gone, but everything else is visible, like buttons, fields… @GrantWoods solution does work, but its strange I have to do it for every screen, this is worrisome, we need a major switch to tell our apps whether all our screens need a login or no.
Agree, it was scary when I first found out about this.
I was lucky to find this early on into the development, so every screen onwards was a copy-paste from the old one which meant it had the click actions (when visiting a screen do x) copied as well.
So if anyone gets a URL to a screen, they would quickly be logged out.
I agree though, its not ideal at all! There should be a universal switch or toggle