Client-side active content is restricted by web content filters to an organisation-approved list of domain names.
Topic
Using web content filters
Applicable to
all
History
Priority
recommended
Mar 2022
Client-side active content is restricted by web content filters to an organisation-approved list of domain names.
Miscellaneous changes were made to rationale and recommendations throughout the publication to clarify content without changing intent. This included a review from the Guidelines for System Hardening chapter through to the Guidelines for Data Transfers chapter.
2017
Agencies should restrict client-side active content, such as Java and to a whitelist of approvedwebsites. This whitelist may be the same as the HTTP whitelist, or a separate active contentwhitelist.
Control Text Changed. No public explaination.
2015
Agencies should restrict client–side active content, such as Java and ActiveX to a whitelist ofapproved websites. This whitelist may be the same as the HTTP whitelist, or a separate activecontent whitelist.
2010
It is recommended agencies block client-side active content, such as Java and ActiveX, which might not havea large business impact.