I need a solution
I was asked about a security setting in IE this morning: Access data sources across domains is Enabled by GPO it appears. In doing a bit of research, there was a blurb about that setting being required by Symantec Endpoint. Is that still the cases?
https://www.securitysift.com/cross-origin-request-forgery-pt-2-exploiting-browser-security/
You might say “If same-origin/cross-domain security is such a fundamental component of today’s web security why would anyone enable this setting?” For starters, there are several enterprise products that may require this security setting to prevent errors, including IT Analytics for Symantec Endpoint Protection, LexisNexis Pay@Work, IBM Tivoli, Oracle’s Siebel Business Analytics, and others.
0