Security

Security for controlled Markdown review.

Edith protects drafts, feedback, assets, review links, share links, and AI access with product controls that keep collaboration simple.

Control plane

Built around least surprise.

People get clean web workflows. Agents get scoped MCP access. Links stay bearer-style but random, hashed, revocable, and bounded by document context.

Passwordless

One-time email codes, no reusable password database.

Hashed tokens

Session, login, review, share, and MCP secrets are hashed at rest.

Scoped agents

MCP tokens carry explicit scopes and can be revoked.

Sanitised Markdown

Raw HTML is dropped before rendered document output.

Passwordless auth

Sign-in uses first-party email one-time codes. Login codes are hashed before storage and expire quickly.

Protected sessions

Session tokens are stored as hashes and sent through secure, HTTP-only, same-site cookies in deployed environments.

Browser request safety

Browser form posts use CSRF protection. Login-code requests, OAuth token flows, and anonymous review writes are rate limited.

Review and share links

Review and share URLs use random tokens; Edith stores token hashes and supports revocation from document sharing controls.

MCP access controls

AI clients connect through scoped MCP access tokens or OAuth flows. Tokens can be scoped to read/write areas and revoked from settings.
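The pattern described under "Review and share links" and "MCP access controls" (random bearer tokens, only hashes stored, document binding, scopes, revocation), shown as an added example that is not Edith's code. The `TokenStore` class, the token kinds, the scope names, and the document ids are hypothetical, and SHA-256 is an assumption since the page does not name the hash.

```python
import hashlib
import secrets
from dataclasses import dataclass, field


def digest(token):
    # Tokens are 256-bit random values, so a plain fast hash is enough here;
    # slow password KDFs exist to protect low-entropy secrets.
    return hashlib.sha256(token.encode("utf-8")).hexdigest()


@dataclass
class TokenStore:
    """In-memory stand-in for a token table. Only digests are kept."""
    rows: dict = field(default_factory=dict)  # digest -> record
    next_id: int = 1

    def issue(self, kind, scopes, doc_id=None):
        token = secrets.token_urlsafe(32)  # drawn from the OS CSPRNG
        rec = {"id": self.next_id, "kind": kind, "doc_id": doc_id,
               "scopes": frozenset(scopes), "revoked": False}
        self.rows[digest(token)] = rec
        self.next_id += 1
        return token, rec["id"]  # plaintext is returned once, never stored

    def check(self, token, kind, scope, doc_id=None):
        rec = self.rows.get(digest(token))
        if rec is None or rec["revoked"] or rec["kind"] != kind:
            return False
        if rec["doc_id"] is not None and rec["doc_id"] != doc_id:
            return False  # a link token is only valid for its own document
        return scope in rec["scopes"]

    def revoke(self, token_id):
        # Revocation works from the row id; the server never needs the token.
        for rec in self.rows.values():
            if rec["id"] == token_id:
                rec["revoked"] = True


if __name__ == "__main__":
    store = TokenStore()
    # Constructed sample values: one review link and one agent token.
    link, link_id = store.issue("review", {"comment"}, doc_id="doc-1")
    agent, _ = store.issue("mcp", {"docs:read"})
    print(store.check(link, "review", "comment", doc_id="doc-1"))  # valid link
    print(store.check(link, "review", "comment", doc_id="doc-2"))  # wrong document
    print(store.check(agent, "mcp", "docs:write"))                 # scope not granted
    store.revoke(link_id)
    print(store.check(link, "review", "comment", doc_id="doc-1"))  # revoked
```

Because the stored rows hold only digests, a copy of the table does not yield usable links or agent credentials.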

Markdown and assets

Markdown raw HTML is removed before rendering. Comments and suggestions are escaped. Workspace assets require workspace access; public review/share asset routes only serve referenced files for the matching link.

Edge and origin

Protected before traffic reaches the app.

Edith runs with Cloudflare in front of the origin for DNS proxying, strict TLS, HTTPS redirects, managed security rules, and coarse abuse limits. App-side limits stay responsible for workflow-specific protection.

Origin control

Production firewall rules restrict web traffic to Cloudflare IP ranges.

HTTPS first

Cloudflare enforces HTTPS and Full (strict) TLS to the origin.

Abuse filters

Managed rules and coarse rate limits protect common anonymous endpoints.

Agent aware

MCP routes avoid broad browser-only challenges unless abuse evidence justifies blocking.