Welcome to the Onshape forum! Ask questions and join in the discussions about everything Onshape.
First time visiting? Here are some places to start:- Looking for a certain topic? Check out the categories filter or use Search (upper right).
- Need support? Ask a question to our Community Support category.
- Please submit support tickets for bugs but you can request improvements in the Product Feedback category.
- Be respectful, on topic and if you see a problem, Flag it.
If you would like to contact our Community Manager personally, feel free to send a private message or an email.
Pro tip: Maintaining security when using share-via-link
traveler_hauptman
Member, OS Professional, Mentor, Developers Posts: 419 PRO
The new share-via-link feature is something that I've been waiting for a long time and I suspect some of the others using Onshape professionally have been as well. Finally when that busy client or vendor needs to see one part of the design or another I can send him a simple link that he can look at.
The feature, while desperately needed, is still early in development and creates a couple unnecessary security issues I'll talk about here.
First a quick intro on how it works.
To enable it on a document, one clicks [share], then the [link] tab, then [Make link veiwable].
To use it, you could grab the link provided, but this is a bad idea as I'll discuss below. Instead, open your document and then using the version manager, select the workspace (branch) you want to share. Copy the url that is in your browsers url bar, up to and including the workspace hash.
So if the URL is:
https://cad.onshape.com/documents/4bb08347b1881c6582789be6/w/7009164930498e4b5520326b/e/98a53442fe086cc6a5973b25
Copy: https://cad.onshape.com/documents/4bb08347b1881c6582789be6/w/7009164930498e4b5520326b
Pro tip #1: You can direct your client to the tab most relevant to the discussion in your document by including the element hash in the url. So if I want my client to look at the assembly in the above document I send this url:
https://cad.onshape.com/documents/4bb08347b1881c6582789be6/w/7009164930498e4b5520326b/e/736356dd4be6d7fb6357044a
So far, so good. I can give my client (or vendor) a link to whatever branch of my document is for his eyes, and I can further focus his attention on a particular element.
However there are 2 glaring security problems with how this feature is implemented.
The first is that it is all too easy for a client to accidentally or intentionally look at the main branch of development. If you, like me, think that making a quick branch of your document, deleting all the 'secret' guts of the document, and then sending a url link to your sheetmetal vendor will let you get some design-for-manufacture feedback, think again. If your vendor leaves off the workspace hash in the URL, he will be looking at the default branch of development and all the secret guts you tried to hide.
Pro tip #2: When developing a project where you expect to share via url, immedialy branch before doing anything else so that your main workspace for development is not the default workspace. A manipulated share-url will only show an empty document.
The second security issue is that because Onshape implemented this using the natural workspace hashes, you have to be diligent in managing viewer compartmentalization. If you were to share via url the workspace of a branch that is in continuous development, then whomever has that url will be able to view that workspace later when you don't want them to see it (but still be able to share via url to someone else).
Pro tip #3: Create new branches for each url share and label them appropriately.
I am not sure whether it's better to use natural workspace hashes and leave compartmentalization in the hands of the user, or if Onshape should create a time-limited random url for each share. Something for discussion.
I do think that allowing a url with the workspace hash stripped off to access the default workspace is a gotcha that is going to bite someone in the behind if not fixed, especially since the default url they provide in the sharing dialog also leaves the workspace hash off. It's easy to have this happen accidentally with line wraps in emails. A document url without a workspace hash really should be invalid.
What do you guys think?
The feature, while desperately needed, is still early in development and creates a couple unnecessary security issues I'll talk about here.
First a quick intro on how it works.
To enable it on a document, one clicks [share], then the [link] tab, then [Make link veiwable].
To use it, you could grab the link provided, but this is a bad idea as I'll discuss below. Instead, open your document and then using the version manager, select the workspace (branch) you want to share. Copy the url that is in your browsers url bar, up to and including the workspace hash.
So if the URL is:
https://cad.onshape.com/documents/4bb08347b1881c6582789be6/w/7009164930498e4b5520326b/e/98a53442fe086cc6a5973b25
Copy: https://cad.onshape.com/documents/4bb08347b1881c6582789be6/w/7009164930498e4b5520326b
Pro tip #1: You can direct your client to the tab most relevant to the discussion in your document by including the element hash in the url. So if I want my client to look at the assembly in the above document I send this url:
https://cad.onshape.com/documents/4bb08347b1881c6582789be6/w/7009164930498e4b5520326b/e/736356dd4be6d7fb6357044a
So far, so good. I can give my client (or vendor) a link to whatever branch of my document is for his eyes, and I can further focus his attention on a particular element.
However there are 2 glaring security problems with how this feature is implemented.
The first is that it is all too easy for a client to accidentally or intentionally look at the main branch of development. If you, like me, think that making a quick branch of your document, deleting all the 'secret' guts of the document, and then sending a url link to your sheetmetal vendor will let you get some design-for-manufacture feedback, think again. If your vendor leaves off the workspace hash in the URL, he will be looking at the default branch of development and all the secret guts you tried to hide.
Pro tip #2: When developing a project where you expect to share via url, immedialy branch before doing anything else so that your main workspace for development is not the default workspace. A manipulated share-url will only show an empty document.
The second security issue is that because Onshape implemented this using the natural workspace hashes, you have to be diligent in managing viewer compartmentalization. If you were to share via url the workspace of a branch that is in continuous development, then whomever has that url will be able to view that workspace later when you don't want them to see it (but still be able to share via url to someone else).
Pro tip #3: Create new branches for each url share and label them appropriately.
I am not sure whether it's better to use natural workspace hashes and leave compartmentalization in the hands of the user, or if Onshape should create a time-limited random url for each share. Something for discussion.
I do think that allowing a url with the workspace hash stripped off to access the default workspace is a gotcha that is going to bite someone in the behind if not fixed, especially since the default url they provide in the sharing dialog also leaves the workspace hash off. It's easy to have this happen accidentally with line wraps in emails. A document url without a workspace hash really should be invalid.
What do you guys think?
4
Comments
Twitter: @onshapetricks & @babart1977
It does, with the workarounds listed above. I get what you are trying to say, but this attitude will get you p0wned by a security adversary. It's marketing bullshit for selling cloud vs desktop and does not belong in any conversation about how you and I can maintain the confidentiality of my clients data. Talk to me about how I can provide access to the right people the right slice of data at the right time.
I'm looking forward to seeing this feature mature.
The way I responded didn't leave much room for a free and open dialog. That's not what I want. Sorry Dave.
Since we are trading one set of security holes for another, and humans remain the weak point, I don't expect information security to be the reason for choosing a cloud vs traditional system. Meanwhile I need to compartmentalize and distribute design information securely and effectively in both situations.
Sending a copy of a CAD file is not at all the only mechanism for sharing design information in traditional systems, and it worries me that you are presenting this as a supporting statement to cloud vs traditional security.
However, as stated above, the best practice for sharing information in a traditional system is not the same best practice for sharing information in a cloud based system. Let's keep the conversation focused on cloud security. Onshape has done a great job so far and every sharing capability you add helps me do my job easier.
1) One can always design parts and assemblies in different documents and use existing sharing controls.
2) You can insert a part as derived or assembly as a subassembly into a new document and just share the new document.
At current, I'm still sending screenshots since the ui is too complicatde (caddish) for purchasing directors. Adobe's 3Dpdf UI is almost simple enough but even for that I would like to strip some unnecessary menus and buttons away.
In addition, I would like to see a link to bare model - just link to single model to be able to use as webshop image or so. Neat Powered by Onshape link in bottom corner for credit.
@ptrajkumar A lot of thing can be done now that we have linked documents - BUT first we need better way to organize all those tiny 'one purpose' documents. We need tags, folders, groups or something but we need it now.
Sharing in general should have time limit option, I have already dozen documents shared with different parties and as I'm big fan of templates I might open some old doc and branch that for new purpose - being still shared with someone is not ideal in these cases.
There should be at least alarm system that pops up notice that 'doc1 has been shared with ** for 1 month without access. Do you still wan't to share [Y] [N]'
The one thing I don't wan't to do is crawl through each doc details to maintain share rights that are no more needed. Though I also have actual co-operators who I wan't to keep in share without time limits or annoying notices .