translations
Supabase security glossary in Tiếng Việt
Browse localized glossary terms in Tiếng Việt. Each page exists only when translated copy is available, and links back to English canonical pages for deeper technical detail.
Supabase security glossary pages in Tiếng Việt
These are localized versions of selected glossary terms.
They are optimized for native-language search intent and cultural clarity, not word-for-word translation.
Translated Supabase security terms in Tiếng Việt
| Term | English summary | URL |
|---|---|---|
| Admin Panel Client-Only Auth | Admin Panel Client-Only Auth is a Supabase security risk where admin protections live in frontend checks instead of enforceable backend authorization, . | /translations/vi/glossary/admin-panel-client-auth-only |
| API Cache Leaks Private Data | API Cache Leaks Private Data is a Supabase security risk where shared caches return user-specific responses to unauthorized sessions, . | /translations/vi/glossary/api-cache-private-data-leak |
| Audit Log Table Publicly Readable | Audit Log Table Publicly Readable is a Supabase security risk where diagnostic or audit tables become queryable by client roles, . | /translations/vi/glossary/audit-log-public-readable |
| Auth Role Claim Confusion | Auth Role Claim Confusion is a Supabase security risk where role mapping is ambiguous and grants unintended privileges to users, . | /translations/vi/glossary/auth-role-claim-confusion |
| Billing Webhook Idempotency Gap | Billing Webhook Idempotency Gap is a Supabase security risk where billing events are processed multiple times and create inconsistent account states, . | /translations/vi/glossary/billing-webhook-idempotency-gap |
| Broad DELETE for Authenticated Role | Broad authenticated DELETE grants allow any logged-in user to remove rows. | /translations/vi/glossary/broad-authenticated-delete |
| Broad SELECT for Authenticated Role | Broad authenticated SELECT grants let every logged-in user read sensitive tables. | /translations/vi/glossary/broad-authenticated-select |
| Broad UPDATE for Authenticated Role | Broad authenticated UPDATE grants let every logged-in user change other people’s rows. | /translations/vi/glossary/broad-authenticated-update |
| Broken Object Level Authorization (BOLA) | Broken Object Level Authorization happens when each object is not validated against the requester, letting attackers read other users’ data. | /translations/vi/glossary/broken-object-level-authorization |
| Bucket LIST Permission Too Broad | Bucket LIST Permission Too Broad is a Supabase security risk where list permissions expose object inventories that assist targeted abuse, . | /translations/vi/glossary/bucket-list-permission-too-broad |
| Bulk Export Endpoint Overexposure | Bulk Export Endpoint Overexposure is a Supabase security risk where export APIs allow high-volume extraction without strong authorization and limits, . | /translations/vi/glossary/bulk-export-endpoint-overexposure |
| Client Role Grants (anon/authenticated) | Client role grants (anon/authenticated) create an API surface, and misusing them exposes data to any client. | /translations/vi/glossary/client-role-grants |
| CORS Misconfiguration in Edge Functions | CORS Misconfiguration in Edge Functions is a Supabase security risk where permissive CORS allows untrusted origins to trigger privileged flows, . | /translations/vi/glossary/cors-misconfiguration-edge-functions |
| Cross-Schema Data Exposure | Cross-Schema Data Exposure is a Supabase security risk where objects in unintended schemas become reachable through grants or API exposure settings, . | /translations/vi/glossary/cross-schema-exposure |
| CSV Import Trusts Client Columns | CSV Import Trusts Client Columns is a Supabase security risk where import flows allow users to overwrite sensitive fields through crafted headers, . | /translations/vi/glossary/csv-import-trusts-client-columns |
| Data API Custom Schema Misconfiguration | Data API Custom Schema Misconfiguration happens when teams move to a custom exposed schema but leave permissive grants, search paths, or legacy objects that keep data reachable. | /translations/vi/glossary/data-api-custom-schema-misconfiguration |
| Data API Public Schema Exposure | Data API Public Schema Exposure occurs when sensitive tables remain in exposed schemas, making direct REST or GraphQL access possible with client-side credentials. | /translations/vi/glossary/data-api-public-schema-exposure |
| Database URL Leaked in Client | Database URL Leaked in Client is a Supabase security risk where database connection details leak into browser bundles and deployment artifacts, . | /translations/vi/glossary/leaked-database-url-in-client |
| Default Function EXECUTE to PUBLIC | Default Function EXECUTE to PUBLIC is the risk that newly created routines remain callable by broad roles unless explicit revokes/default privileges are applied. | /translations/vi/glossary/default-function-execute-to-public |
| Default Privilege Drift | Default privilege drift happens when inherited grants become permissive, exposing every new object you create. | /translations/vi/glossary/default-privilege-drift |
| Dependency Drift Misses Security Updates | Dependency Drift Misses Security Updates is a Supabase security risk where stale dependencies keep known vulnerabilities in critical runtime paths, . | /translations/vi/glossary/dependency-drift-security-updates-missed |
| Edge Function JWT Verification Gap | Edge Function JWT Verification Gap occurs when function handlers skip or misapply token validation, allowing unauthorized execution paths. | /translations/vi/glossary/edge-function-jwt-verification-gap |
| Edge Function Service Role Overuse | Edge Function Service Role Overuse is a Supabase security risk where service role credentials are used in functions that only need limited permissions, . | /translations/vi/glossary/edge-function-service-role-overuse |
| Environment Parity Security Drift | Environment Parity Security Drift is a Supabase security risk where security controls differ across dev, staging, and production environments, . | /translations/vi/glossary/env-parity-security-drift |
| Expired Signed URL Caching Leak | Expired Signed URL Caching Leak is a Supabase security risk where cached responses keep files accessible after signed URL expiry windows, . | /translations/vi/glossary/expired-signed-url-caching-leak |
How to use translations during remediation
- Read the localized introduction for context.
- Use the English term page if you need deeper technical detail.
- Apply templates and conversions (still in English in this initial scope).
- Verify fixes via direct access tests and re-scans.
hreflang mapping
- This language uses hreflang:
vi-VN - Each term page links to its English canonical URL and sibling translations when available.
Internal linking strategy
- Parent: /translations
- Siblings: other translated terms in this language
- Cross: English glossary term and related templates/integrations
How to keep terminology consistent
- Use consistent translations for key security concepts across all pages.
- If you keep a term in English, define it clearly in the native language.
- Prefer clarity over literal translation when intent differs.
Common translation pitfalls
- Publishing low-quality auto-translations (skip pages without real localized copy).
- Skipping verification steps and relying on UI behavior.
- Fixing only one environment and assuming others match.
How to add more translated terms
- Start with the highest-impact terms (the ones tied to real fixes).
- Write a localized introduction that matches native search intent (not word-for-word translation).
- Include practical guidance: how to detect the issue, how to fix it, and how to verify direct access is blocked.
- Keep links to the English canonical term and to implementation pages (templates/integrations).
Next step
Open a translated term page, then follow the links to templates and conversions if you need implementation guidance.
FAQ
Do translated pages replace the English pages?
No. English pages remain canonical. Translations help serve users who prefer a native-language explanation, with hreflang mapping to guide search engines.
What if a term isn’t available in this language?
It won’t be generated. That prevents thin or placeholder translation pages.
Can I add more languages?
We expand language coverage over time. If a term isn’t translated yet, use the English canonical page for maximum technical precision.
Next step
If a term you need isn’t translated yet, use the English canonical page and follow links to templates and examples to apply and verify the fix.