Validate ONE Files: Magic Bytes & Python/Node Examples | FileSignature

Magic Bytes

Offset: 0


            7B 5C 52 E4

The ONE file format is a proprietary binary format developed and maintained by Microsoft as the default storage container for individual OneNote notebook sections. It is primarily utilized for organizing free-form information, including typed text, handwritten notes, drawings, and multimedia elements within a hierarchical digital notebook structure. Although the binary structure is generally safe, the format supports embedded attachments, which actors may exploit to deliver malicious payloads or links if the source is untrusted.

Extension

.one

MIME Type

application/onenote;format=one

Byte Offset

0

Risk Level

Safe

Validation Code

How to validate .one files in Python

Python

def is_one(file_path: str) -> bool:
    """Check if file is a valid ONE by magic bytes."""
    signature = bytes([0x7B, 0x5C, 0x52, 0xE4])
    with open(file_path, "rb") as f:
        return f.read(4) == signature

How to validate .one files in Node.js

Node.js

function isONE(buffer: Buffer): boolean {
  const signature = Buffer.from([0x7B, 0x5C, 0x52, 0xE4]);
  return buffer.subarray(0, 4).equals(signature);
}

Go

func IsONE(data []byte) bool {
    signature := []byte{0x7B, 0x5C, 0x52, 0xE4}
    if len(data) < 4 {
        return false
    }
    return bytes.Equal(data[:4], signature)
}

API Endpoint

GET /api/v1/one


              curl https://filesignature.org/api/v1/one

Magic Bytes

Validation Code

How to validate .one files in Python

How to validate .one files in Node.js

API Endpoint

Related Formats