Recent searches


No recent searches

Brook Watson's Avatar

Brook Watson

Joined Oct 14, 2022

·

Last activity Oct 14, 2022

Following

0

Followers

0

Total activity

2

Votes

0

Subscription

1

ACTIVITY OVERVIEW

Latest activity by Brook Watson

Brook Watson commented,

CommentTicket editor, assignee, and requestor

Disabling "Enable secure downloads" provides a temporary fix, but that exposes our ticket attachments to the potential for bots to index those images. This exposes potentially sensitive client information.

Trying to append "/agent" to our host mapped domain generates additional zendesk errors where the CNAME does not match. Cannot add /agent to our CNAME entry in DNS, only accepts FQDN.

The root cause appears to be recent browser security enhancements around CORS. Haven't tried disabling the CORS and Cross Site browser security settings, but this appears to be why attachments that need to be authenticated from host mapped domains using 3rd party SSO providers no longer works.

View comment · Posted Oct 14, 2022 · Brook Watson

0

Followers

1

Vote

0

Comments