joshuagarr 0 Posted April 1, 2011 Share Posted April 1, 2011 We've noticed this odd behavior and hope someone can explain what is going on.tl;dr: Notebooks shared with individuals are visible to anyone with the URL and an Evernote account, not just the individual(s) to whom an invitation was sent. The owner of the shared notebook cannot see that more people than intended are viewing/modifying the notebook.Long version:-All users in this example have evernote accounts.-Evernote user User1 creates and shares a Notebook with User2. They do this using the "Share with individuals" settings, NOT with Share with the world.-User2 receives the email from Evernote, clicks the link, and can now see/edit the shared notebook both online and in their Evernote client. User1, the owner of the shared notebook, can look at Shared Notebook Settings and see User2 listed as "currently shared with" and can remove their access. So far this is all working as expected, nothing out of the ordinary.-This is where it gets weird.-User2 sends the URL to User3. Either by forwarding the email, pasting it in IM, posts it on their website, whatever.-User3, clicks the URL and can see/edit the Shared Notebook originally shared by User1. -User1 is totally unaware that User3 now has access to the notebook and does not have the ability to remove their access.What's up with that? Bug or 'feature'? Link to comment
joshuagarr 0 Posted April 1, 2011 Author Share Posted April 1, 2011 Just for the sake of making sure what I think is happening is actually happening, I created a notebook and shared it with a single individual. The URL sent to that individual is:https://www.evernote.com/shard/s35/shar ... 7679a00-1/Can you see it? Can you edit it? Link to comment
Level 5* jefito 5,589 Posted April 1, 2011 Level 5* Share Posted April 1, 2011 Nope. Can't see it. Link to comment
joshuagarr 0 Posted April 1, 2011 Author Share Posted April 1, 2011 Doing more testing, but what I believe is happening is Evernote allows 1 person to use that link. Doesn't matter if it is the intended individual, just whoever gets there first. Link to comment
joshuagarr 0 Posted April 1, 2011 Author Share Posted April 1, 2011 Ok, seems to be that the link does work for exactly one person only. But it doesn't matter if that person is who you intended to share the notebook with.Is this a bug or a feature? Link to comment
engberg 89 Posted April 2, 2011 Share Posted April 2, 2011 Since you share this with another person by email address, we don't actually know which Evernote account that corresponds to until the recipient of the email clicks on it and logs in to their account. For example, the recipient of the email may not yet have an Evernote account when you send the invitation, or they may have registered their account under a different email address.Since the URL itself contains secret information, and it's only sent to your friend's email address, they should be the only one who clicks on it. I.e. the URL is not "public" anywhere except that direct email. So as long as you typed the email address, only the recipient should be able to open the note, and if you shared the notebook with "require login" permissions, then it will be permanently bound to their account on first login.So, yes, this is working as intended, but it may be a little confusing how it works, since we wanted to make sure you could share with a friend without having to coordinate with them to learn their Evernote username first. Link to comment
mdave 1 Posted April 17, 2011 Share Posted April 17, 2011 I want this same option added to individual note sharing. I want to share individual notes with certain people only (not requiring login, but limited to the recipient who clicks). I would likely use this as much as shared notebooks. Link to comment
narung 0 Posted April 19, 2011 Share Posted April 19, 2011 I Would like to add the individual note sharing with certain people only . It may be different for different people.So I like my best. Link to comment
Recommended Posts
Archived
This topic is now archived and is closed to further replies.