ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

HTTP Inline text does not detect data for http://csvjson.com/csv2json

book

Article ID: 238570

calendar_today

Updated On:

Products

Data Loss Prevention Endpoint Prevent

Issue/Introduction

http://csvjson.com/csv2json is used to convert the data from CSV to JSON. 

If you type sensitive data in CSV and click on convert, data can be seen in JSON even though policy should block the sensitive data. No incident is created.

 

Cause

The reason we don't see the detection is that the data is not going over the wire.

The way the website works is that it downloads a script - http://csvjson.com/js/csvjson.min.js - from the website which then executes locally to transform the data entered on the left-hand side from CSV to JSON on the right-hand side. This is done without any network calls.

 

Resolution

In HTTP detection. DLP agent only detects the data when it's going over the network. In this case, as the data is getting converted locally no detection is taking place. 

Additional Information

About endpoint network monitoring