Free Support Forum - groupdocs.com

Viewer Watermark


#1

Hello,

Can we set watermark before show document in viewer? But it wont be embeded in document.

In our scenario,

Customers wants to documents can be viewed by users, but also they want those users not able to download, print or copy documents by printscreen or like that. We can disable download and print, its not problem. The problem is they want put watermark in document that contains user informations too, If someone copy document by printscreen, they will know who with that watermark. Its for security.

Because of that(user info in watermark) we cant embed the watermark in document. We need watermark that we can set when opening document.

Is there any way to make it?


#2

Hello,


Thank you for your request. The making of the screenshot is a system event which an’t be handled in the web. Since that it’s impossible to add watermark via GroupDocs.Viewer when user makes screenshot. The only way is to add watermark from start (when user open the document).

Best regards.

#3

Hello,

I’m sorry i told it wrong, ofcourse catching screenshots and handle them is not possible. Adding watermarks when user opens document will be enough for us.

Kind regards,


#4

Hi,


Great in such case simply use Watermark option of the widget.

Best regards.

#5

Hello,

Thank you for your help. I dont know how i missed this property but i looked it up all parameters couple times. But still i missed it.

Kind regards,


#6

Hi again,


Here it is.

Best regards.

#7

Hello,

There is a misunderstanding, i found property after you send documentation page. I looked it up all properties in visual studio before wrote this post. At that time i couldn’t find watermark property, after you’ve send documentation i found it and implement our project. Nevermind its not important :smiley:

Thank you so much again.

Just one more think, i didnt talk our customers yet but they might want this watermark in annotation’s viewer too. I can’t use this property in annotation widget? Am i correct? I’m using Annotation 1.9.0

Best regards,


#8

Hi,


Glad to hear that all is ok. We will release a new Annotation tommorow (so on monday you will be able to update) and in the new version Annotation have such option. But the only one difference from the Viewer it takes “watermarkOptions” object in which you will set all required options such as text, color etc.

Best regards.

#9

Hello,

Okay then i’ll check the new version on monday

Kind regards


#10

Hello again,

Watermarks works well, but i have a security problem with them.

If
i’m using html based engine true viewer puts watermark as html element
and anyone who knows a little bit html can delete that watermark.

After
that i turned off htmlbasedengine, with this usage users can’t delete
watermark. But still anyone who knows a little bit using debug with
browser can get document without watermark.

if you check Network
tab when browser debug opened you can see the watermark options and you
can changed them as like as you want. This is a big security breach for
our customers who want to use those watermarks as security options. If
you can encrypt parameters or something it can be more secure.

http://localhost/eba.net/document-viewer/GetDocumentPageImageHandler?path=temp\S\0B5CC73E3608D67830515EB4999C662A.Docx&width=1604&quality=100&usePdf=True&watermarkText=Hakan+Uzal+%28huzal%29&watermarkColor=2147418112&watermarkPosition=Diagonal&watermarkWidth=75&useHtmlBasedEngine=False&rotate=True&locale=en-US&pageIndex=0&dummy=1450704014958


Our some customers are willing to use watermark as document
security. They want to users can only see the document and can not be
able to export document anyway (printing document, downloading document
or save document with screen capture etc.).

Currently can we do something about it?


#11

Hello,


Thank you for your request. Viewer is built on a client-server REST architecture, where the server - just the defendant of all queries. Since that all the parameters are set on the client side (in the front-end). REST paradigm implies that there are no hidden variables on the server, everything is determined by the client. and if so, then yes, it can be regarded as a security flaw. but this is the essence of REST.

The only way for you is to use “user authentication” i.e. your customers idea has the meaning.

Best regards.

#12

Hello,

Thank you for explanation. But i have another thought about this situation. My sample request url is below;

"<span style=“font-size:10.0pt;font-family:
“Segoe UI”,sans-serif” lang=“TR”>http://localhost/eba.net/document-viewer/GetDocumentPageImageHandler?path=temp\S\0B5CC73E3608D67830515EB4999C662A.Docx&width=1604&quality=100&usePdf=True&watermarkText=Hakan+Uzal+(huzal)&watermarkColor=2147418112&watermarkPosition=Diagonal&watermarkWidth=75&useHtmlBasedEngine=False&rotate=True&locale=en-US&pageIndex=0&dummy=1450704014958"

All
parameters are set on client side ok but i think client side can not be
able to know all parameters. path, usePdf, watermarkText,
watermarkColor, watermarkPosition, useHtmlBasedEngine and ext are sended
from server to client then client set all parameters. If i’m correct
with this thought, you can send them as one encrypted string then you
can join it with other client parameters and send reqeust to servers.
Like below sample.

<span style=“font-size:10.0pt;font-family:
“Segoe UI”,sans-serif” lang=“TR”><span style=“font-size:10.0pt;font-family:
“Segoe UI”,sans-serif” lang=“TR”>"<span style=“font-size:10.0pt;font-family:
“Segoe UI”,sans-serif” lang=“TR”>http://localhost/eba.net/document-viewer/GetDocumentPageImageHandler?ep=EncyrptedText&width=1604&quality=100&locale=en-US&pageIndex=0&dummy=1450704014958"

Based
on my thoughts “ep=EncryptedText” will contain some parameters that
sent from server to client as encrypted. If this can be archieved,
security flaws for watermark request will be solved.

Can it be achieved?
<span style=“font-size:10.0pt;font-family:
“Segoe UI”,sans-serif” lang=“TR”>


#13

Hi again,


Thank you for your thoughts. Unfortunately you are not quite right - even if we will encrypt the parameters experienced user will still be able to make the same request with out these parameters and get document with out watermark because these parameters can’t be set as a required (not all customers need them). Since that the correct way is to use user authentication.

Best regards.

#14

Hello,

We’re not open documents to everyone to view, We’re already using user authentication. Viewing document or users can view(view, annotate, download, print) documents as based on their authorizations. We want to prevent documents distribution by users. Thats why we are using watermarks.

I want to make it more clear with my last sample.

My last sample was like below;
<span style=“font-size:10.0pt;font-family:
“Segoe UI”,sans-serif” lang=“TR”><span style=“font-size:10.0pt;font-family:
“Segoe UI”,sans-serif” lang=“TR”>"<span style=“font-size:10.0pt;font-family:
“Segoe UI”,sans-serif” lang=“TR”>http://localhost/eba.net/document-viewer/GetDocumentPageImageHandler?ep=EncyrptedText&width=1604&quality=100&locale=en-US&pageIndex=0&dummy=1450704014958"

Its not like below;
"<span style=“font-size:10.0pt;font-family:
“Segoe UI”,sans-serif” lang=“TR”>http://localhost/eba.net/document-viewer/GetDocumentPageImageHandler?path=encryptedPath&width=1604&quality=100&usePdf=True&watermarkText=encryptedWatermarkText&watermarkColor=<span style=“font-size:10.0pt;font-family:
“Segoe UI”,sans-serif” lang=“TR”><span style=“font-size:10.0pt;font-family:
“Segoe UI”,sans-serif” lang=“TR”>encryptedWatermarkColor&watermarkPosition=Diagonal&watermarkWidth=75&useHtmlBasedEngine=False&rotate=True&locale=en-US&pageIndex=0&dummy=1450704014958"

based on my sample “ep=EncryptedText”, this EncryptedText value will contains “<span style=“font-size:10.0pt;font-family:
“Segoe UI”,sans-serif” lang=“TR”>path=temp\S\0B5CC73E3608D67830515EB4999C662A.Docx&usePdf=True&watermarkText=Hakan+Uzal+%28huzal%29&watermarkColor=2147418112&watermarkPosition=Diagonal&watermarkWidth=75&useHtmlBasedEngine=False&rotate=True&locale=en-US” this string as encrypted. So if user tries to change encrypted text it wont be decrypted in server side or if user will remove all encryptedtext there will be no path parameter anymore, so server cannot be able to open document. So user can not be able to change parameters. With the way user can not be able to change watermark also it achieves using mandatory parameter because encrypted value must be exist.
<span style=“font-size:10.0pt;font-family:
“Segoe UI”,sans-serif” lang=“TR”><span style=“font-size:10.0pt;font-family:
“Segoe UI”,sans-serif” lang=“TR”><span style=“font-size:10.0pt;font-family:
“Segoe UI”,sans-serif” lang=“TR”>


#15

Hi again,


Client side can’t be able to know all parameters. path, usePdf, watermarkText, watermarkColor, watermarkPosition, useHtmlBasedEngine and ext are sended from the server to client then client set all parameters.
You have cardinal mistake in your thoughts - you think that the ClientHelper is a widget - it’s wrong, it’s just a helper which generate such string $(’#Viewer’).groupdocsViewer({ localizedStrings: localizedStrings, thumbsImageBase64Encoded:…
On the client side you can not use it at all and create your own helper (for example as we do in our MVC example project for custom dashboard).
One more time - it just helps to form a string. and not transmitting the parameters from the server to the client.

Best regards.

#16

Hello,

Okay then, i want to be sure no one can change watermark anyway. I’m trying to find a way for it, because this watermark are important for my company. Our customers have high confidential documents in our system, and they want to their documents be safe. Some users must have to see documents but also not able to distribute them. Thats why this situation is so important for us. Currently everyone that have authorization to view document can change watermark text or watermark options.

What do you suggest?


#17

Hi,


Did you manage to fix the watermark issue?

#18

Hello,

I couldn’t test it yet. When i tested it, i will inform you.

Kind regards,


#19

Maybe a solution is generate the watermark on the fly, before document is displayed.


When user opens the book, it already has the watermark inside, as if it was part of the book content.

Is that possible?



#20

Hello,

My last message was wrong. I thought this problem is different one.

I’m not tried it since than but, new version of viewer is flexible and its open source. It looks its possible to encrypt url parameters now. But i’m not tried it yet.

Generating and embeding watermark before open is not what we want. Because in our scenario watermark text always different for different users