Guides

Security

Integrations.js security overview

Suggest Edits

User Data

Integrations.js is designed to never send data to any 3rd party (including integrationsjs.com) except those that integrations are built for. For example, dataset context stay in the user's browser until they use an integration like Google Sheets export, at which time their data is sent to Google directly via client site API call.

Whitelist Javascript Origins

In order to prevent 3rd parties from using your api key on their site, integrationsjs.com accounts can be configured with whitelisted Javascript origins. These can be configured by logging into your integrationsjs.com account and visiting the advanced configuration page: https://www.integrationsjs.com/dashboard/advanced

Report Security Issues

Blockspring takes security of our software very seriously. If you discover a security issue in the integrations.js project or the integrationsjs.com hosted service, please email the details to our security team at [email protected]. We will respond to confirm the receipt of your message and follow up with a review of the issue and plan for mitigation. We follow responsible disclosure and will credit researchers when a security issue has been identified and mitigated.

Details to include when reporting an issue

  • Steps that can be taken from initial installation of the integration to a point where the vulnerability can be observed
  • Any suggested patches or fixes you may have in mind to mitigate the problem
  • Any other relevant information like domain names, urls or account emails that are required to replicate the issue.

Reminder: Please do not report security issues via github issues

You can use the following public key if you would like to encrypt any communications

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: OpenPGP v2.0.51
Comment: Blockspring.com PGP Key

xsFNBFbT6vUBEAC9ZSlr9CWipJzbzF43zzZltJsNVnqIAOruInwR0sr/Nig0TLoX
UtIb+85MZFJDYLcsT7GjxFpWEuhOg0C0OFEn54AHWiNhMrLZi1zXUqWTruFpJcqm
RRTnQ0EBDEGO2tijG9Kh/gq6Wy3uVDNA4hQNcVqxrbwvPzmijsDG35dI+PeRIVbo
3YKU99bKnHMoFsHLbKQGAx9crFbuCi+ctAAtikn3hrdYY2y+TFBOnecLWWsyuzix
7lXBX3+yf5ik7bMeuQrOai2xtvkD3BEFW0KC1Mk6CB+AnMNgCS0Jcse45hnKfcr4
t8Ak39uWixLgoMzMMAqEPY3/JU++/vZ9Kv98ZWwWFo03eK8YzBcl/5lA5a7WczMG
gdb+SXkLYKlInznQi6x1Zne+ncN89WNatiBUfbyf8EA7UN73elcMeOifUGCTe3WL
Ols8ZJx+JRjVZcVQdbYZPjhyNqZA0maqirrPy610KzIV+OMX1KIyPkyW9daDeVmB
ta04ud1uWY0A85DGxmW0JlFWCOpVzzfy0ZzNY6Kig7ArjalNUR/VlxGNHyQquoON
n1qkKPKlkaCr+bMtYDhir8pTN4dRw/z6yItvrYesbWxWPDmGbtoTN+PFmDOimaNV
eQcRGYlosY1eXaNCuyX8G4hcpTmdQeui70ObsGP2vfvTGrpfo3/uCUbqYwARAQAB
zSZCbG9ja3NwcmluZyA8c2VjdXJpdHlAYmxvY2tzcHJpbmcuY29tPsLBdAQTAQoA
HgUCVtPq9QIbAwMLCQcDFQoIAh4BAheAAxYCAQIZAQAKCRCIgflED9jf+ewMEACJ
CKNr2kqU4p2D/TOJTJZN3nrV2G34veS7fN4b/m955/h36P+y7unGyjPwehcS1lB/
a8goEIlm7R/PE2zDNU2l1Gzv5NJ230rLANPZn8AP/R3X0PvUr71bh0A+bTf5fUcp
DkdeKuLYQ6aQ8aM9Z32k6fbFZddvpL9/U6W5Ap4WMga9CNJ1CJX5ndGoEoWfnVZx
4WtsDkxcn9Zi/8xKcGNLkNjDS4t0iSLB72t/yLjySQwgrpjtT99ox2OcTMUq2ncl
4Rpis00MD2tSAqcMPKRWekozur+xtGsUNkPmOKQzTJzRfSCb+dplIjjiQoWwUIKw
ATrRgYbAZ7VS5+9599oVQngcWZYGaCAJw51c3+97DE+W8SssuNYtmMMQ+6d8d9JK
2u530/yurf6XHSZzkQdMSFIy9o0SpOeswN2JoGu97UXeX1oJPZGSkb9RM8Fk697i
F5l59ViVKkTdfEFZ1Rv/7ia4y6jK3CPu7/9x2CPvdEVuSI/BPGuk/zapr8kiN5o0
+MAJdEag/uYTbOIE4J8Om04A5uJmvbm4gTKk9FR3juSn543RxSSD4rr74eyoUapf
klrOnK6xEicXXAkKOZWPqUYzhXI+WRceR8nZJ7cLS/sX9QnVaVulnScN9hgUsN5V
9mOY8f1uo9+mF8eYD/JwgJ2fCfxcSecpwJeAmCIJZM7ATQRW0+r1AQgAtinjZ80V
2Lh21W2USyQWryZ8r9fU8RZZ9Pp2MQNWCo5FWTZjp8L/uqIvTVUwHxcqfeVMGNkn
yXH3KbSxKQjQYFN9IGUIUmsAIaGmP2wG7kHDSt07ENSJ5yfwEXlWFi7hTsX731yw
f4/LlalDZWc5zVCYB9vsy97vmWFxv3ZUw0lr0F+n8YGGJyb/xqwSfABlUbvnmPcq
q6CGF7dpghE0ouE6hOl6uzzHWTQKEM2uHoOMd7PyLIIaoN46UmDGSALwJt7x4VaP
sGun617t446nCj+y5ts1/WKNR8ZOhC2gZQ3cYAamna9zTRPjLdJ8tOh/g/39rcDl
CdATJZPRrLZmiwARAQABwsKEBBgBCgAPBQJW0+r1BQkPCZwAAhsMASkJEIiB+UQP
2N/5wF0gBBkBCgAGBQJW0+r1AAoJEO3jdcesg9C2GoEH/33oYKR66OfEVPeiPJI9
MxT6HN7Kw2Qj+3nOUbgXngNNXAVnHdycGdxK6jygXIiv6VbGzNmTztGGiZ93l350
T5mSasSAVVN7U8GfkVkaaT6bNRrXtHSXJw1ja/KS92DTWC8TXlcP6FeGCLa4wz4h
nClAWAmoE2Nit893aea7AphBfBG6ZIchjaswBYOX/rWpU/uVNZWs0/DwwgaQS/Jk
hEn4sGANLjiCHViY8DHYStTM53nuU5NEf9245j8qs/1Qj/52jkXNZZcC8Ax+/qAa
ked7eOEpnIibGYhMYZe7Cll7Uc340CgXNtci0WCy5l7ox52IOpqe9D0xn7xYJElZ
l6JtUxAAo8i/efZXEhxdX89ilQLRVCU8TqlY/TMpX/nVjMBKDSufANcW0dwDp9NK
EuqmMoZYp6cI7YYHLRrcOrPyfWU3YQPkucjBnH8FHLPwvrsSZPdLx7AGvzUayRBv
w7WGb9S5aCRI5ODoaYZYb9UVgIiVBIFfm0iZHPjnfrxkjlLSFq8DWus6yG26uUx8
ZyVVDTAZ3NoINYMudbEyPkpUYb+Pc3qPcmBujUBPWhqtDyXVOgMk9Ij4ShIsUptx
+gb+sgLGtTTnXLx+2lqgty+2GB73E+wFGqsrKOd56OCKi39ZibSeeTC6jN8xktsC
LG3buu6FFe6Kv8yBTAXYHw8X/7SY3iSFy0MxUv0yZWWAsJ+ytrHIpUgl4hivl9+s
SDPTpyrfqOEdoH/DKf+e40DXfCd3USI01khbki/iARsl4eDupNH/lReVbt9dYmM4
TKfmwqgKyEkTh+FVOJOfbeBu3t3rfkGgsUkZ8Uxc8S4mPtdFLxdIg7ooS3RvdYya
TQumSni8piEqkj6vKjgbhzCaa8sVOkwj3UijO0lpOQFnAxNMsy028/lSt4APM06e
sSWcM04NZPkN3e+nGzMzG/M1qrRkXZjMD24rEwK/zIU08Kn4kLDtPViJ7x8Bk8Qo
UgzyaIWOp6yj6AJy+Wt1rJ01AdsW7pF7oIWVE8IK8fomp9Cv1m3OwE0EVtPq9QEI
ALKnvW6x3Zd/KHq6ODyaazhqqAZ8ir2LGsgopPQDgK7drhaBlFRLWzmmr/ZW2sfu
wocJcQ/EMAoYGeSA+lK0lIlnDu3xDlQBo1GG38BIQReFxCBbpaOFYn5tPzHwBrRs
LwYY6opOTbyCES+OOW6CVPpNWYZ7fTNyBSI7o9vQ70HRNmQr0p53y5kTwCruCCL9
FVl1n08c2kFINpjn71/j+t7m6P7T0qmRcgehSIce+KtDzcFEhP0MNSyArIXSzVIR
gaesoKhJ+KGWzL2LRi7xjqF6zcgfuMLRD5HyQVASTsR2NCzIA8JJKXSfLeJCMVBT
2jWE14NH1kUEkoNie5jtUf0AEQEAAcLChAQYAQoADwUCVtPq9QUJDwmcAAIbIgEp
CRCIgflED9jf+cBdIAQZAQoABgUCVtPq9QAKCRB5u9gqCoU/m+RVB/0c6oJrBT1/
fbXzeiPPKSich8OIBo+fzgitlEPCes9YM+w4cHKQlQgqqqg5SEqbDJ0BXl9pOGGx
lBjbrhs5IqBcg0iw52SSIcJIfJ+ZPYiBaaAZri+726l4za40ebE1AVbMkUAjaZjr
ZxHYtIGiTW8Dl6hD0mSRlf+chU8Fm4qAyXVLzC5qH2ns48nYuCZzVV4VtGx1ockO
H6N2sQ434DYz7un253SuX3yYpHjS+Qdg47o+Gabj84BxNBhoI6ati/IkWN5LzIlq
4FI8ymKND51tDtG22KHkXtE+XYX5shRfBKx/06x+wEseNi0HxuYyjhl9wjZ8gA90
wHBqP7JWfAtgIN4P/i8hkHxmuEP0BKbAi/bjJEY9kTv45wO8/fjBNn3zslnA+B2s
k8EcixqN/PJ4szOrQgdys+Uk/IxfMRwQVQbVF0IgJnQ9lklxvlv4SrvRLxDgx5/c
e9FsmGC3ZGRAPwpn9mnKWY+VZPr7ejMoVPJWp/gMApzyr99KJjuq+fpZ+imkvTD5
ZCXF28qG6aWzdZAllJRORqeEp61IzHGqSYoX43Xiy1GOQ65AHiuzEwVMI9y4X4hH
+d6ne2vME48SN4ZCQqBy5lij1wB13guRX48rMP3QOkQAQhAmXSX6DvOkd6vVe1F4
oX6PGJ8qS/SWsD4Op3vXqQEM83GP0BfMgoH33rNN9EdMh7eBs0w7PgI85NDqh/fR
j5501nRvuXlETNarf+YJdSXPAt0YT7hzqa6+qFXTKc3tEPTqZcc5JaiLDtTv6KGF
l/IpSYv0mT6tL56tTbm5uQ0NxwLwHfGmyIXRYuvWE70ipMt4jRn53vTXMrfCUk+c
KOi7bWw9mUp8paF4NZG9a3YmlF6c+E7IHWXTsrgrBHf9kZq9KdllfUrHj1IbIy31
0FLLe/NVb4RxKb7GMDC4LGNR18X+WYUacG9lQgR00XZZFofh5Hjvv8xc47MQJNVa
gHHCrOwst4sQCqFid/CV3zmjQiSOJ23eCFPHPjtiyh0GwWc4HyFXB8pTUv1k
=MQe0
-----END PGP PUBLIC KEY BLOCK-----

Updated over 4 years ago