Stop Malicious Code from Infiltrating Your SVG Files

If you’re a developer working with SVG or HTML files, ensuring proper security should be your top priority. Malicious code in the form of viruses and malware can infect nearly any file type. In this article, we’ll explore how Filestack’s virus detection SDK allows users can leverage Filestack Workflows and virus detection to automatically detect malicious code from the target file, thus guaranteeing a secure file upload.

Why Protect Your SVG Files?

SVG files are vector graphics based on XML. At their core, SVG files are no different than standard plain text documents that provide instructions on how to display text, colors, shapes, and other graphical elements. SVG files can also contain embedded JavaScript (JS) code, a potential vulnerability. For example, an infected SVG file can redirect users to a malicious website disguised as a reputable one. These sites often prompt users to install spyware disguised as a browser plugin or, ironically, a virus detection program. If the user agrees to the installation, their login credentials, credit card information, and other sensitive data may fall into the wrong hands.

Filestack HTML Sanitization

If a user uploads or delivers an infected SVG or HTML file, the virus has the potential to execute and spread to recipient files. Malicious code is often stored in the form of tags. Filestack users can implement a variety of parameters to remove insecure tags. The secure parameter is a boolean parameter that when set to true, will detect and strip these insecure tags from the SVG or HTML file. This process, called HTML sanitization, will not affect most basic formatting tags, but will remove complex tags that run scripts, call objects, embed files, or link to potentially dangerous sites. Sanitizing SVG and HTML files helps prevent cross-site scripting (XSS) attacks.

Users with additional security needs can use another boolean parameter called strip. Setting the strip parameter to true removes embedded metadata at the source, purging malicious code hidden within. Filestack’s file picker allows users to strip the exif data on the client side, allowing for a secure upload, every time.

Secure Transfer and Storage

Filestack’s API automatically encrypts files during transfer and storage, minimizing the risk of data theft. When working with SVG, HTML, and other file types, it is vital to protect the files’ data no matter which direction it travels. The gateway you use to facilitate file transfers should also be able to handle large amounts of data. Filestack allows users to securely upload and store a variety of files across desktop and mobile devices without sacrificing speed or ease of use.

Access Control

After you identify the infected file(s), it is vital to determine who can open, modify, and transfer those files. Any user who accesses malicious code risks having the virus spread throughout their system. You may choose to grant access to specific administrators and temporarily deny access to general users until the files are sanitized. If you believe the risk is minimal, you can allow general access and notify users of a potential security threat.

Unsecured file upload and transfer often allows malicious code to propagate. As such, it is vital to provide a single secured gateway for file upload to your application. With Filestack’s virus detection API, you can ensure that user files are screened and deemed secure for transfer and storage. Virus detection within Filestack Workflows will quarantine malicious programs until they’re able to be reviewed. Taking these precautions will help prevent infected files from spreading, protecting data on both the application and user ends.

Security Policies

Users can also configure individual security settings for an application through the Developer Portal. Filestack uses Base64URL-encoded Javascript Object Notation (JSON) “policies” to authorize specific actions and HMAC-SHA256 “signatures” to authenticate them. Each application uses an automatically generated secret code to sign. A secure application generates and signs temporary policies for users. If compromised, the secret can be regenerated, but doing so will invalidate existing signatures.

Security is the standard with Filestack’s API and is inherent within the platform. Using policy strings, users can not only modify existing files and account settings, but also upload and deliver new files. Each policy string must contain an expiry value and can contain any number of policy values and calls. For example, the exif call gets metadata from image files. Users can set limits for file size, upload, delete, save, convert, and run workflows among a number of other commands.

Filestack’s GDPR Compliance

On May 25th, 2018, the European Parliament and European Council enforced the General Data Protection Regulation (GDPR). The law aims to increase personal data protection and individual rights. It regulates how personal data is collected, stored, transferred, and used. Filestack is proud to be fully compliant under GDPR standards and certified under the EU-U.S. and Swiss-U.S. Privacy Shield Framework.

GDPR is a new comprehensive law that strengthens the protection of “personal data” and the rights of the individual. It regulates the processing of personal data about subjects in the EU including its collection, storage, transfer or use. It gives data subjects more rights and control over their data

Filestack strives to continuously improve services to provide users with secure, versatile, and effective tools for file management. Having advanced security tools on hand helps protect your data and build trust with your customer base. To get started with Filestack Security and see first hand how to guarantee secure file handling, sign up for free today.

Read More →