-
Notifications
You must be signed in to change notification settings - Fork 183
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Google flagging DT tables as virus/malware? #1080
Comments
Have you a reproducible example (reprex) ? If your html is from DT, the issue could be from :
If your html is from Rmarkdown, the issue could be from :
In general html files are blocked when there is lot of javascript within. PS: I am simple developer, not from rstudio/DT team. |
Hi @philibe . I believe there is nothing special about the file causing issues other than the DT datatables and a ggplot. In any case, here it is: report_PROBLEMS.zip Googling around, it seems jQuery 3.6.0 (the version embedded in the html created) seems to have some sort of security issue: jquery/jquery#5062 Maybe an update to the jQuery library used by DT is needed? |
After some more digging, I started deleting bits from the html file (report_VIRUS.html) inside reports.zip, and attempting to attach the resulting file to a gmail message. The original file would trigger a "Virus detected!" message. Getting rid of the jQuery code, and any others I tried, did not solve the issue. The completely absurd way to get rid of the problem was to delete the following comment (yes, only the comment):
That is the only difference between the two files attached. The resulting file report_OK.html passes the Gmail virus detection: |
That's funny... Thanks a lot for the investigation! Could you try to only delete |
Oh, just for fun, I was curious about what exact part in that comment was causing the issues. And of course, is the So, this will cause the issue;
But this is completely fine
|
Oh, you posted this just as I was trying that and responding! :) |
Okay, I'll get rid of |
Let me know if you want me to do a Pull request! 🤣 (kidding, of course) Thanks! |
IMHO it's too heavy (11Mo of rds), too complex html (many many js in html). Instead of big html:
And in html there potentially suspicious elements for Google:
I wont be surprised that Google don't like base64 javascript in uploaded html files I don't think that Rmarkdown was thinked and usable for export in its html form within javascript Rmarkdown engine inside. Even it was thinked for that, I could understand that Google blocks sometimes these big and complex html file. :) |
Parentheses deleted. I'll make a new CRAN release soon. |
FYI the new version is on CRAN now: https://cran.r-project.org/package=DT |
Starting a few days ago, after sharing in Google Drive Rmarkdown html reports with a few
DT::datatable()
tables, I received emails from Google Drive Safety (drivesafety-noreply@google.com) with the following content:The html report in question is just a bunch of DT::datatable() tables in tabsets.
Afterwards, I received a second email from Google Policy Violation Warning telling me
If this behavior continues, your access to this product may be disabled.
(this product being Google Drive).I posted the issue in community.rstudio and Kim.Cressman pointed a related issue when attaching html files with DT tables inside in Gmail.
Any idea about what is happening and how to avoid it? Not being able to share the html reports with DT tables inside, and/or risking losing access to Google Drive is very disrupting...
Thanks in advance!
By filing an issue to this repo, I promise that
xfun::session_info('DT')
. I have upgraded all my packages to their latest versions (e.g., R, RStudio, and R packages), and also tried the development version:remotes::install_github('rstudio/DT')
.I understand that my issue may be closed if I don't fulfill my promises.
The text was updated successfully, but these errors were encountered: