Cross-Domain Misconfiguration

## Before you describe your issue, idea or feature, please consider using this issue template.

## Type of issue:
- [ ] Bug / Error
- [ ] Idea / Feature
- [ ***] Improvement detail

## Short description on the issue
Web browser data loading may be possible, due to a Cross Origin Resource Sharing (CORS) misconfiguration on the web server


## Possible fix
Ensure that sensitive data is not available in an unauthenticated manner (using IP address white-listing, for instance).
Configure the "Access-Control-Allow-Origin" HTTP header to a more restrictive set of domains, or remove all CORS headers entirely, to allow the web browser to enforce the Same Origin Policy (SOP) in a more restrictive manner.



Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Cross-Domain Misconfiguration #190

Before you describe your issue, idea or feature, please consider using this issue template.

Type of issue:

Short description on the issue

Possible fix

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Cross-Domain Misconfiguration #190

Description

Before you describe your issue, idea or feature, please consider using this issue template.

Type of issue:

Short description on the issue

Possible fix

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions