What type of action should be taken when cross-domain scripts are detected?
Check the transition source of the cross-domain script and identify where the transition crosses to a domain different from the registered one. Note that cross-domain script detection fires whenever a transition crosses to a different domain; it does not determine whether the transition destination is malicious.
* If the domain detected in the transition is known and legitimate, refer to “ADD – Register safe cross domain” below and register it on the safe cross domain list.
■How to check the transition source from alert emails
In the emailed list, URLs in which cross-domain scripts have been detected are shown at the top, earlier levels of the link hierarchy are shown lower down, and the Analysis Start URL is shown at the bottom.
■How to confirm the transition source from the Web console
1. Log in to the GRED WebCheck web console.
2. Display the [Home] screen of the applicable Analysis Start URL.
3. In the calendar, click the yellow [!] mark on the date on which the cross-domain script was detected.
4. Confirm the link transition source from [Background to detected cross-domain script].
Register detected cross-domain scripts on the safe cross domain list, and confirm that the applicable cross-domain script is not detected in the next analysis.
“ADD – Register safe cross domain”
When a cross-domain script has already been detected
1. Log in to the GRED WebCheck web console, and select the applicable schedule title.
2. Click “Settings” in the left menu, and click “Manage cross domain” in the “Cross Domain” menu.
3. Check the domain to be permitted in “Permissions list: Quick registration,” and click [Register].
4. Confirm that the domain permitted in Step 3 has been added to “Permission list: Edit” at the bottom of the page.
* When a cross-domain script is set up intentionally as part of regular website creation, it needs to be registered in advance in the GRED WebCheck web console by selecting “Settings” > “Manage cross domain” in the “Cross Domain” menu > “ADD – Register safe cross domain”.
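To work out in advance which script domains a page would need registered, the following added example (not part of GRED WebCheck or of the original page) lists the external hosts a page's script tags load from that are not yet covered by a safe list. It assumes a listed domain also covers its subdomains; how GRED WebCheck itself matches domains is not stated here, and the function names and sample hostnames are illustrative.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

class ScriptSrcCollector(HTMLParser):
    """Collects the src attribute of every <script> tag."""
    def __init__(self):
        super().__init__()
        self.sources = []

    def handle_starttag(self, tag, attrs):
        src = dict(attrs).get("src") if tag == "script" else None
        if src:
            self.sources.append(src.strip())

def host_matches(host, domain):
    # Assumption: a listed domain also covers its subdomains.
    return host == domain or host.endswith("." + domain)

def unregistered_script_hosts(page_url, html, safe_domains):
    """Hosts of external scripts covered neither by the page's own host
    nor by safe_domains, i.e. the ones to review before registering."""
    allowed = [urlsplit(page_url).hostname] + [d.lower() for d in safe_domains]
    collector = ScriptSrcCollector()
    collector.feed(html)
    flagged = set()
    for src in collector.sources:
        # Resolve relative and protocol-relative (//host/path) references.
        host = urlsplit(urljoin(page_url, src)).hostname
        if host is None:  # data: URLs and similar carry no host
            continue
        if not any(host_matches(host, d) for d in allowed):
            flagged.add(host)
    return sorted(flagged)

# Constructed sample page; every hostname is a placeholder.
SAMPLE_URL = "https://www.example.com/index.html"
SAMPLE_HTML = """<html><head>
<script src="/js/app.js"></script>
<script src="//cdn.example.net/lib.min.js"></script>
<script src="https://stats.example.org/t.js"></script>
<script src="https://static.www.example.com/x.js"></script>
<script>var inline = 1;</script>
</head></html>"""

if __name__ == "__main__":
    print(unregistered_script_hosts(SAMPLE_URL, SAMPLE_HTML, ["cdn.example.net"]))
```

Any host this returns should be checked against what the site is expected to load before it is added to the safe cross domain list, since registering a domain stops it from being reported.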