this post was submitted on 07 Jul 2023
9 points (90.9% liked)
Sysadmin
7717 readers
1 users here now
A community dedicated to the profession of IT Systems Administration
No generic Lemmy issue posts please! Posts about Lemmy belong in one of these communities:
[email protected]
[email protected]
[email protected]
[email protected]
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Based on this quick article, https://softwarekeep.com/help-center/what-is-gstatic-com#:~:text=Gstatic%20is%20a%20special%20website,%2C%20pictures%2C%20and%20style%20sheets. It feels like just allowing all of gstatic is a bit of a security nightmare. I'd push back and have them identify the parts of gstatic they actually need for their website to work and allow those.
Alternatively, if this application needs a cdn but is only intended for local hosting in the secure network, perhaps a locally hosted cdn could be a good idea.
Without knowing the security in place it's hard to do much beyond give general maybe this or that.