100% Secure Content

  1. Please build something that lets me 100% secure pages that are hosted on my website.

  2. This is important to me because I want to continue using my favorite website builder without uploading/managing content via some 3rd party content delivery service.

  3. My current workaround is to export my website, host content with a website builder like Wordpress (which has it’s own security problems), password-protect pages, or use a file-sharing tool like Dropbox or Gsuite.

20 Likes

Hey @DuncanHamra :wave:

Thanks for being so active in the forums! Any updates on the this feature of 100% secure content? I haven’t been able to find this update to the roadmap anywhere on the forums. Are you looking for additional user stories from forum members? Would more context and use cases help move this up on the backlog?

Please let me know how I can help,

Jacob

2 Likes

Hi Jacob, thank you! :blush:

More context and use cases will be incredibly helpful!

We’re not ready just yet, but I’ll reach out ASAP. Thanks for making yourself available here.

As a signed-up user to my site (Webflow), members should be able to log into the site via memberstack and view private information linked to their unique Webflow cms item. This includes multi-reference items that are linked to the 100% secure Webflow cms item.

We basically want to show a bit more private data like names and email address of others, in our users dashboard. Thats the primary use case of the 100% secure content, but I’m sure my product brain will be on fire once I sit down for a bit to think of all the possibilities.

Not sure how you intend to secure this content (store it on your end with a ton of custom fields, or you have some clever way to secure Webflow cms items) but I’m sure you’ve thought about building some data editor on your end (or even utilizing google sheets like glide) … would love to learn more and help out where I can, feel free DM.

3 Likes

Would love this! Here is another, slightly different story…

As a website owner using memberstack, I would like my site content to be hidden, even if a tech savvy user disables their JavaScript.

We are building a company intranet and it would be nice to show more sensitive information to our logged in employees. However, if nefarious evil doers can perform some tomfoolery and skullduggery and still gain access, we won’t be able to show as much information.

This information would be the same for all logged in users. BONUS POINTS if we can show different sensitive info to every member - similar to the previous story about a users Personally Identifiable data.

For me, achieving HIPAA compliance or other standards is not necessary… yet :wink:

Hey!

Thanks so much for adding your use-cases. This is so so so helpful for us. I promise all of this context goes into our features list so we can account for your use-cases when looking at building new features🙏

:triangular_flag_on_post: :triangular_flag_on_post: [Feedback sent to roadmap]:triangular_flag_on_post: :triangular_flag_on_post:

1 Like

Just so I’m clear. There is no way to securely lock a memberstack user account to a dynamic page inside webflow?

1 Like

The only way I can think of creating 100% secure pages is having a much more elaborate memberObject.

@belltyler, you may know from using Node’s Express.js that after every page load (if you’re using passport.js for example), there needs to be a call to something like isAuthenticated before every res.send() or res.render(), which is the same reason why the CMS items need to live in the member object, since the MemberStack.onReady.then(function(member) {... is the frontend equivalent.

Adding memberstack.js to the header creates a race condition with the pre-loaded server-rendered Webflow CMS items, so sensitive member specific content would need to live inside of the memberObject. Even if the script deletes the elements off the DOM, any tech-savvy developer using the chrome dev tools could press record on the network tab and log the history of the page by the millisecond.

2 Likes

A post was split to a new topic: Can I create a dynamic member specific page in Webflow

Memberspace handles this by letting you add Content Links (100% Secure Content). Those links validate authorization one final time before delivering the item.

I’m curious if Memberstack has made any progress on this?

Any news on that? I suggest that we have some sort of simple storage in memberstack would solve the problem meybe?