We’re installing a new app on a secure network. The vendor has requested we allow access to gstatic.com. That seems overly broad to me and unsafe. Thoughts?
Based on this quick article, softwarekeep.com/help-center/what-is-gstatic-com#…. It feels like just allowing all of gstatic is a bit of a security nightmare. I’d push back and have them identify the parts of gstatic they actually need for their website to work and allow those.
Alternatively, if this application needs a cdn but is only intended for local hosting in the secure network, perhaps a locally hosted cdn could be a good idea.
Without knowing the security in place it’s hard to do much beyond give general maybe this or that.
[Texas Tribune] “We are dying”: Houston workers protest new state law removing water break requirements ( www.texastribune.org )
archive.is/2CsfM...
Is gstatic.com safe to whitelist on a secure network?
We’re installing a new app on a secure network. The vendor has requested we allow access to gstatic.com. That seems overly broad to me and unsafe. Thoughts?