Search this website
Google will block .js attachments in Gmail from February 13
Google has announced that it will stop allowing .js attachments in Gmail starting from February 13, 2017. A message will appear alerting the user of the security risk associated with sending .js attachments. Users will still be able to send .js files over email using Google Drive or Google Cloud Storage. When a recipient downloads .js files from these sources, Google will conduct a security scan on the file provided the file size is not too large.
The rollout is expected to last between one to three days before all users are affected, and the feature is rolling out for all end users. Users will see a message that says “This message was blocked because its content presents a potential security issue” when attempting to send a .js file. Google currently restricts a number of file formats for security reasons, including .exe, .bat and .hta. Most of these file formats are used for executable programs.
Some types of files are blocked even when compressed into archives and then attached to the email. Password protected archives, and archives that themselves contain password protected archives are blocked by Gmail. The measures are meant to prevent spread of malicious code and viruses. Documents with macros that can harm the recipient are also blocked. Additionally, Gmail reverts to Google Drive if the attachment file size is deemed too large