You check the places data leaks from: the page source, the network requests, your database access rules, and what a logged-out visitor can reach. Open your own app, look for exposed keys and readable records, and try to see data you should not. If you can reach it, so can a stranger.
Information current as at 5 July 2026
A data leak rarely announces itself. There is no alarm, no error, no obvious sign; the app keeps working perfectly while quietly handing out information it should be guarding. The good news is that many leaks are findable with a browser and twenty minutes, using the same tools anyone probing your app would use. Here is how to look, in the right order.
If you have made something and it needs to become real, send it over. We will tell you honestly what it needs to be live, safe and yours, whether that is a quick fix you can do or a proper build. No obligation.
If you have made something and it needs to become real, send it over. We will tell you honestly what it needs to be live, safe and yours, whether that is a quick fix you can do or a proper build. No obligation.
Whether you can name exactly what you want built, or you just know something is leaking, the next step is the same conversation.