Offline Viewer has multiple features that makes it appropriate to use in high security environments, and easy to use on devices that don't have a reliable internet connection.
All Offline Viewer security settings can be controlled by using a configuration file. Offline Viewer uses the highest possible settings by default.
Prevention of external connections
By default, Offline Viewer will only open HTML5 outputs that are distributed as an offline package (.ofln), and will only display files or load assets contained within that package. It won't load any external resources or make any external connections, including internet connections. That means external URLs won't work (such as those to files, images, videos, or other websites) nor will any functions or features that require an internet connection (such as Disqus).
Checksum validation
By default, the Offline Viewer performs a checksum validation before opening an offline package. It will search for a checksum file within the package containing the HTML5 output, then validate it. If the checksum file is missing or invalid, it won't open the output. This reduces the likelihood that the package has been tampered with.
The checksum file can be generated in two ways:
The Offline Viewer can also be configured to perform a quick checksum (check for modified file sizes only) instead, or to skip the checksum check entirely.
Security recommendations
-
Ensure your devices are using the latest version of the Offline Viewer. The Offline Viewer is available to download on the Author-it Community website, and is released on the same release cycle as Author-it Cloud.
-
Add OfflineViewer.exe as an exclusion of your anti-malware solution.