search cancel

HTTP Inline text does not detect data for http://csvjson.com/csv2json

book

Article ID: 238570

calendar_today

Updated On:

Products

Data Loss Prevention Endpoint Prevent

Issue/Introduction

Some websites are used to convert the data from CSV to JSON. 

If you type sensitive data in CSV and click on convert, data can be seen in JSON even though policy should block the sensitive data. No incident is created.

Websites with this issue:

http://csvjson.com/csv2json

http://www.jsondiff.com/

Cause

The reason we don't see the detection is that the data is not going over the wire.

The way the website works is that it downloads a script - http://csvjson.com/js/csvjson.min.js - from the website which then executes locally to transform the data entered on the left-hand side from CSV to JSON on the right-hand side. This is done without any network calls.

 

Resolution

In HTTP detection. DLP agent only detects the data when it's going over the network. In this case, as the data is getting converted locally no detection is taking place. 

Additional Information

About endpoint network monitoring