Upgrade the diagram share implementation to be more secure
Daniel Zhang
I have to move all my diagrams off the system due to current system seems:
- By default mark all files Team file
- Team file by default is accessible via URL
- It is the same URL used by owner and the team members
- It seems even not Signed In User can access that file with the URL
This basically prevent me from using system to do any demo because the URLs can be captured easily if it is recorded. This is really big security bug and key to commercial usage.
Yoel Tadmor
Hi Daniel Zhang,
On any of our paid plans, you can change the security settings on a file and change the default for all files, so that it does not allow access without an invite. See here for more: https://docs.eraser.io/docs/sharing-a-file
Daniel Zhang
Yoel Tadmor Thank you for following up. But this is really big surprise in the world of security first reality. Also will be big blocker for any commercial intent during early experiment phase.
Yoel Tadmor
Daniel Zhang I hear where you're coming from. We're always happy to talk and make exceptions if you have something particular you're interested in trialling. You can reach out at hello@eraser.io.