cpg
commented
6 years ago Maybe we could use an outgoing referral header for any accesses?
i.e. the referrer has to match the full domain of the MK url.
Open cpg opened 6 years ago
cpg
commented
6 years ago Maybe we could use an outgoing referral header for any accesses?
i.e. the referrer has to match the full domain of the MK url.
cpg
commented
6 years ago Removing high priority, as, arguably, the web app should not link outside anyway to begin with, though this is still possibly useful to many.
Whitelist one or more domains or subdomains, so user cannot browse outside of domains in that list
The main issue with this is how to cleanly allow access CDNs, e.g. for JS, images/css (cloudfront), etc.