Vulnerability in EPiServer.Forms

Try our conversational search powered by Generative AI!

Daniel Ovaska
Mar 5, 2021
(2 votes)

What countries does your site leak data to?

A modern website built using your favorite Episerver CMS has a lot of external script resources that are being fetched from all around the world. This is both a good and a bad thing. You can get a lot of value from tools such as google analytics, hotjar, google translate etc but since you are running this scripts in the users browser you are also potentially leaking user information to these companies. This might be an issue in these GDPR times. 

An easy way to check where you are getting your scripts from is to copy / paste this little script into your google chrome browser console:
(Kudos to Tomas Persson for the script)

This will give you information similar to this for a common swedish site:

So what information are you sending to the US? Probably more than you think...

Happy coding! Stay safe!

Daniel Ovaska
Binary True AB

Mar 05, 2021


Please login to comment.
Latest blogs
Stop Managing Humans in Your CMS

Too many times, a content management system becomes a people management system. Meaning, an organization uses the CMS to manage all the information...

Deane Barker | Nov 30, 2023

A day in the life of an Optimizely Developer - Optimizely CMS 12: The advantages and considerations when exploring an upgrade

GRAHAM CARR - LEAD .NET DEVELOPER, 28 Nov 2023 In 2022, Optimizely released CMS 12 as part of its ongoing evolution of the platform to help provide...

Graham Carr | Nov 28, 2023

A day in the life of an Optimizely Developer - OptiUKNorth Meetup January 2024

It's time for another UK North Optimizely meet up! After the success of the last one, Ibrar Hussain (26) and Paul Gruffydd (Kin + Carta) will be...

Graham Carr | Nov 28, 2023

Publish content to Optimizely CMS using a custom GPT from OpenAI 🤖

Do you find the traditional editor interface complicated and cluttered? Would you like an editorial AI assistant you can chat with? You can!

Tomas Hensrud Gulla | Nov 28, 2023 | Syndicated blog

Optimizely Graph and Next.js: Building Scalable Headless Solutions

Optimizely Graph harnesses the capabilities of GraphQL, an intuitive and efficient query language to, transform content within an Optimizely CMS in...

Szymon Uryga | Nov 27, 2023

Getting Started with Optimizely SaaS Core and Next.js Integration: Testing Content Updates

The blog post discusses the challenges of content updates on a website using Optimizely CMS, Next.js, and the Apollo Client due to Apollo's local...

Francisco Quintanilla | Nov 27, 2023 | Syndicated blog