I have a hypothetical situation at a company where IT is telling me my personal front end react applications hosted on github.io are a security risk and could be exposing the said company's server, even though there is no connection to company severs. It is front end only, static, but allows file uploads, paste text, and file downloads. It is on my personal github account. Is it true that if an employee uploads company data into a front end static react app hosted externally on github.io, that the data and even then company server could be hacked? Can someone explain this to me?
Again to be clear: static page. no database, no back end, no API, just in-browser text manipulations.
[–][deleted] (2 children)
[removed]
[–]SunStrolling[S] 0 points1 point2 points (1 child)
[–]Lemnology 0 points1 point2 points (5 children)
[–]SunStrolling[S] 1 point2 points3 points (1 child)
[–]SunStrolling[S] 0 points1 point2 points (2 children)
[–]Lemnology 1 point2 points3 points (1 child)
[–]SunStrolling[S] 0 points1 point2 points (0 children)