A client asked me this question:
“We are hoping to determine if anything can be done regarding those third party libraries. We are using v3 of the Okta sign-in widget and it looks like the latest is v5. Do you know if updating the version will remediate these issues? Also if we do update to v5 and something goes wrong, is it possible to rollback?”
Their widget is not loading, I think it is prevented by a third party security application (CoalFire) that identifies three JavaScript libraries loaded by the widget as being potentially dangerous (CORS). I found documentation from Okta about the JQuery library, but can’t find anything about the others. The client asks if they are secure. What do I tell them?
