What's New, and Protecting your Security and Privacy
The biggest recent change behind the scenes has been improvements for hotlinked images (that is, images hosted on other websites and used in Coggle diagrams).
Hotlinked images are now proxied, with the files forwarded by our own servers instead of requested directly by your browser. They are also restricted in types to png, jpeg and gif images. This improves security and privacy when viewing diagrams (more on this below), and also improves performance as images can be served by Coggle's content delivery network, which can serve content very quickly anywhere in the world.
Unlike images uploaded to Coggle, there's a much bigger size restriction in the free plan for images you hotlink from your own hosting, so it's a good way to get even more out of the free version of Coggle! To hotlink an image you can use the markdown image syntax with a URL to your own image hosting, like this: .
If you run an image hosting service and want to specifically block or allow images hotlinked from Coggle, then note that the referrer for our image requests will always be https://coggle.it/ - the specific diagram URL where images are used is no longer included.
How does proxying these images protect security and privacy?
A hotlinked image is loaded directly from the server which hosts it each time it is viewed: this made it possible (at least in theory) for the server to track when and how many times someone loaded the image, and by implication when they viewed the diagram. They would have also been able to collect some information about who was viewing it (including the URL of the diagram, and which browser was being used). Now that image requests are proxied, the URLs of diagrams and your browser information are completely hidden, and only a small number of requests for the image will be made regardless of how many times you view a diagram, or how many people view it.
It was also not possible to know what the external server would send when a browser requested an image - the external server could theoretically send a file of any type, in an attempt to compromise your browser. While your browser should be able to safely handle any file type, there have been cases in the past where this was not the case, so it is useful to have another line of defense in our servers, which now narrowly restrict the sorts of file types which will be loaded from external servers to your browser when viewing Coggle diagrams.
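As an added illustration (not Coggle's proxy code), the sketch below shows the two checks described above: the request to the image host carries only the fixed referrer and nothing copied from the viewer, and the response is passed on only if its leading bytes match png, jpeg or gif. The function names, the byte-signature check and the `nosniff` response header are assumptions of this example; the post does not say how the restriction is implemented.

```python
# Added illustration; not Coggle's proxy code. All names here are hypothetical.
ALLOWED_SIGNATURES = {
    "image/png": (b"\x89PNG\r\n\x1a\n",),
    "image/jpeg": (b"\xff\xd8\xff",),
    "image/gif": (b"GIF87a", b"GIF89a"),
}
FIXED_REFERER = "https://coggle.it/"  # the referrer value the post states


class RejectedUpstream(Exception):
    """Upstream body is not one of the allowed image types."""


def sniff_image_type(body: bytes):
    """Return the MIME type implied by the leading bytes, or None."""
    for mime, signatures in ALLOWED_SIGNATURES.items():
        if any(body.startswith(sig) for sig in signatures):
            return mime
    return None


def upstream_request_headers(viewer_headers: dict) -> dict:
    """Headers sent to the image host. viewer_headers is deliberately unused:
    User-Agent, Cookie and the diagram URL never reach the host."""
    return {"Referer": FIXED_REFERER, "Accept": "image/png, image/jpeg, image/gif"}


def response_for_viewer(upstream_content_type: str, body: bytes):
    """Validate the upstream body and build the headers served to the browser.
    The upstream Content-Type is ignored: only the sniffed type is trusted."""
    mime = sniff_image_type(body)
    if mime is None:
        raise RejectedUpstream(f"blocked body declared as {upstream_content_type!r}")
    return {"Content-Type": mime, "X-Content-Type-Options": "nosniff"}, body


if __name__ == "__main__":
    # Constructed samples: a viewer request, a GIF header, and HTML labelled as PNG.
    viewer = {"User-Agent": "ExampleBrowser/1.0", "Referer": "https://coggle.it/diagram/EXAMPLE"}
    print(upstream_request_headers(viewer))
    print(response_for_viewer("text/plain", b"GIF89a\x01\x00\x01\x00")[0])
    try:
        response_for_viewer("image/png", b"<html><script>1</script></html>")
    except RejectedUpstream as err:
        print("rejected:", err)
```

A signature check only confirms how the file starts; a stricter proxy would also decode the image and re-encode it before serving.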
It's worth noting that we aren't aware of any cases where Coggle diagrams have been tracked or compromised using these methods, so this update is a precaution to close off these possibilities pre-emptively - it adds another line of defense to the security and privacy of your data in Coggle.
If you run a web service like Coggle, and need to proxy external images for the same security and privacy reasons we do, then drop us a line at [email protected]: the proxy service we've built to do this is extremely scalable, efficient, and globally distributed, and we'd be interested in seeing if it's useful for you too!
Other recent changes:
Keyboard Shortcuts: You can now use [ctrl] + [s] to close and save an item using the keyboard: unlike just pressing [enter] this works even if an item has multiple lines of text, and makes it easier to use Coggle entirely with the keyboard.
Improved performance of the documents list, and diagram loading for certain kinds of diagrams.
As always, lots of other little bugfixes and improvements, including style tweaks for code blocks and YouTube previews, and fixes for cases where the history slider wouldn't select the correct version, and in some cases did not reset correctly when closed. Fixed issues with padding of task lists, and improved performance when adjusting the permissions of people a diagram is shared with.
That's all for now! We always welcome any kind of feedback, but we're particularly interested in knowing if Coggle is missing keyboard shortcuts you need, so please reach out to us if there's something missing that you'd find useful.
Posted by James, April 19th 2021.












