Skip to content

Secure File Viewing

Overview

Secure File Viewing lets users preview supported attachments directly inside the authenticated UnoLock client instead of forcing export to external apps. This keeps sensitive content inside the same browser security boundary used by the vault and messaging flows.

The goal is to reduce accidental disclosure while preserving usability: render in-app when possible, decrypt client-side, and avoid unnecessary persistence.

How It Works

  • Client-side decryption: Files are decrypted in the browser during an authenticated session; plaintext is not sent back to the server.
  • In-app rendering: Supported formats (including PDF, images, audio/video, text-like files, and DOCX) can be viewed inside the client UI.
  • Sandboxed text/DOCX preview: Text and converted DOCX content render in a sandboxed iframe (sandbox="allow-scripts"), isolating preview content from the main app context.
  • Hardened PDF controls: PDF viewer download/print/open-file and editor tools are disabled in the embedded viewer configuration.
  • Ephemeral object URLs: Blob URLs created for inline previews are revoked when the viewer closes, reducing leftover in-memory references.

Security Implications

  • Reduced exposure surface: Keeping previews in-app lowers the need to open files in third-party software.
  • Zero-knowledge alignment: Content remains encrypted at rest and is decrypted only on the client at view time.
  • Compartmentalized execution: Sandboxed preview rendering and CSP help limit the blast radius of malformed content.

Important Limits

  • No web app can guarantee screenshot prevention: OS-level screenshots, cameras, or compromised endpoints remain possible.
  • Endpoint trust still matters: If a device or browser is compromised, viewed data may still be exposed.
  • Use operational controls for high-risk material: Combine secure viewing with hardened devices, short sessions, and least-privilege sharing policies.

Use Cases

  • Reviewing sensitive attachments without immediately exporting to local disk.
  • Validating inbound files in Vault Messaging before deciding whether to save or process them.
  • Handling one-off disclosures from UnoLock Drop while minimizing additional handling steps.

FAQs

Does Secure File Viewing block screenshots?

Not reliably at the OS level. Secure File Viewing reduces exposure inside the web app, but no browser application can fully prevent endpoint capture.

Does UnoLock decrypt files server-side for viewing?

No. Viewing is client-side; the server does not need plaintext file content for preview.

What is the current UnoLock Drop URL?

The sender-only Drop client URL is https://drop.unolock.com (legacy vaultx.unolock.com links should be migrated).

Compliance & Privacy

  • Privacy-first design: In-app viewing supports data-minimization goals by reducing unnecessary file exports and keeping decryption client-side.

Integration with Other Features

  • Vault Messaging: Securely review received attachments before save/import workflows.
  • UnoLock Drop: Receive Address submissions can be inspected in-app after decryption.
  • FIDO2/WebAuthn authentication: Viewing happens inside an authenticated Safe session.