Login

Important Update: Automatic Scanning Enabled for All Schemas

We are excited to announce a significant update to our system that will enhance security and protect your data.

Dear Developers,

We are thrilled to inform you that we have implemented automatic scanning for all schemas in the system. This new feature is designed to enhance security and protect against malicious data injection. Automatic scanning is now active by default on all new schemas. We have also analyzed existing schemas and enabled the feature where necessary, ensuring that any potentially unsafe data is flagged appropriately.

What it looks like

When do we scan?

  • When you save a new or edited document
  • When you upload a document using drag and drop
  • When you use the "docly.saveFile" function from coded APIs in your published folders

Key points:

  • All user input will be automatically scanned for potential threats.
  • If you encounter an "Unsafe content detected" error, review your input for potentially malicious content.
  • In cases where you need to allow specific unsafe content (e.g., <script> tags), you may need to disable this feature for that particular schema.

Before disabling the scanning:

  • Carefully consider the security implications.
  • Ensure you're following best practices for input validation and output encoding.
  • Review our comprehensive article on "Automatic Scanning for Malicious Data" for more information on risks, best practices, and proper implementation of security measures.

More info

For more details about the scanning process and how to disable it, please visit:
https://developers.docly.net/Blog/2024/Automatic-Scanning-for-Malicious-Data%26%2358%3b-Protecting-Your-Docly-Websites

If you have any questions or concerns, please don't hesitate to reach out to the Docly team at hello@docly.org.

Stay vigilant and keep coding securely! 😊