Browser Protection

Rama Sadhu Updated by Rama Sadhu

The purpose of adding JavaScript to an application is to update the HTML content dynamically without reloading the entire page, enhance interactivity, manage data, and improve the user experience.

On average, an application can have hundreds of JavaScript files. If an application is compromised and malicious JavaScript becomes part of it, that JavaScript can run at the browser level and send information directly to the hacker.

AppTrana's CSP (Client-Side Protection) feature protects customers by blocking malicious JavaScript.

How to Protect the Client-Side Application?

  1. Go to Protect > Browser Protection.
  2. Two toggle buttons are provided: one to enable client-side protection and the other to enforce protection.
  3. Once you enable the Protection toggle button, enforcement will be done within 24 hours.

Browser Protection Summary

The summary contains three sections:

  1. Internal JavaScript
  2. External JavaScript
  3. Source Domains

Without Policy – When domains are first listed in the table, the Approval status is displayed as Pending. If the customer takes no action, the domain is called a domain Without Policy.

Policy Added – If an action is taken on a domain (allowed or blocked), the domain is called Policy Added.

Reference Domains

This field displays all the domains with JavaScript details.

Parameter: Description

Ref. Domain Name: This field displays the source domain name.

Approval:

  • Pending – When a site is onboarded, the status initially shows as Pending.
  • Allowed – Enable the toggle button to allow JavaScript.
  • Blocked – Disable the toggle button to block JavaScript.
  • While updating the approval status, a domain details pop-up opens. Enter your comments in the respective field, for example: Valid JavaScript, Malicious JavaScript.
  • The email address of the user who changed the status is also displayed.

Source Type:

  • External – JavaScript that was not added during onboarding is called External.
  • Internal – JavaScript that was added in the domain during onboarding is called Internal.

JS Referred: Click the Show button to see the referred JavaScript.

Referred JavaScript

  • This field displays the list of allowed or blocked JavaScript files for a selected domain.
  • Go to the Primary Reference Domains table, select the domain whose JavaScript you want to see, and click the Show button.

Parameter: Description

JS File Name: This field displays the JavaScript file name.

Pages Referred: The count of pages in the domain where the JavaScript is referred.

Requests Triggered: This field gives the count of requests triggered.

Details: Click the Details button to see the JavaScript details.

Chain Reference: This field shows the list of domains through which the JavaScript is routed.

JavaScript Details

Parameter: Description

Domain Name: This field displays the domain name.

JS Identified: The time the JavaScript was identified. Example: MM/DD/YYYY 11:23:50 PM

Base URL: The list of URLs where the JavaScript is used.

JavaScript File Name: This field displays the JavaScript file name.

IP’s that triggered jquery: Customers can see the list of IP addresses where the JavaScript is used, along with the latest request and the number of requests.

Script Change Alerts

If any content in a JavaScript file is modified, an alert is created in this section.

Parameter: Description

JavaScript File Name: This field shows the name of the JavaScript.

Last Changed: This field shows the date when the content was modified.

Page Referred: The count of pages in the domain that use the JavaScript.

Source Domain: Domain names are displayed in this field.

Mark as Read: Customers must read the alert and acknowledge the changes in the JavaScript.
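
The idea behind a script change alert can be shown with a content hash kept per script. This is an added example, not AppTrana's implementation: it assumes a SHA-256 baseline per script URL, and `observe`, `demo` and the sample URLs and script bodies are hypothetical, constructed for illustration.

```javascript
// Added example: constructed data and hypothetical names, not AppTrana code.
const { createHash } = require("crypto");

const sha256 = (body) => createHash("sha256").update(body).digest("hex");

// Record one observed script load: which page referred it and what was served.
// Returns an alert object when the content differs from the stored baseline.
function observe(inventory, pageUrl, scriptUrl, body, seenAt) {
  const u = new URL(scriptUrl, pageUrl);
  const key = u.origin + u.pathname; // ignore cache-busting query strings
  const hash = sha256(body);
  let rec = inventory.get(key);
  if (!rec) {
    rec = { fileName: u.pathname.split("/").pop(), sourceDomain: u.hostname,
            pages: new Set(), requests: 0, hash, lastChanged: null };
    inventory.set(key, rec);
  }
  rec.pages.add(pageUrl);
  rec.requests += 1;
  if (rec.hash === hash) return null; // unchanged, or first sighting
  // Content differs from the baseline: raise an alert, then re-baseline.
  const alert = { fileName: rec.fileName, sourceDomain: rec.sourceDomain,
                  lastChanged: seenAt, pagesReferred: rec.pages.size,
                  oldHash: rec.hash, newHash: hash, read: false };
  rec.hash = hash;
  rec.lastChanged = seenAt;
  return alert;
}

// Replay constructed observations and collect the alerts they raise.
function demo() {
  const inventory = new Map();
  const samples = [
    ["https://shop.example/", "/js/app.js", "render();", "2024-01-01T10:00:00Z"],
    ["https://shop.example/cart", "/js/app.js?v=2", "render();", "2024-01-01T10:05:00Z"],
    ["https://shop.example/", "https://cdn.example.net/lib.js", "lib();", "2024-01-01T10:06:00Z"],
    ["https://shop.example/pay", "https://cdn.example.net/lib.js", "lib();extra();", "2024-01-02T09:00:00Z"],
  ];
  const alerts = samples.map((s) => observe(inventory, ...s)).filter(Boolean);
  return { inventory, alerts };
}

console.log(demo().alerts);
```

The alert fields mirror the table above (file name, last changed, pages referred, source domain), and `read: false` stands in for an alert that has not yet been marked as read.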
