I’m working with a PCI compliant client right now and due to the project scope and agreements, the web pages that get built on the Windows kiosks that I’m developing stuff on are prohibited from accessing remote locations such as ajax.googleapis.com (i.e. - when the users make requests to our business affiliate pages that have been okayed to be accessed from the kiosks, the HTML is built but some of those pages rely on things like ajax.googleapis.com for scripts, and due to the PCI compliance and firewalls, the script requests return 404s if their locations are outside of the PCI zones). As you can imagine, this causes problems.
So far, the only “solution” to all of this is to redirect the blocked remote locations with the kiosk HOSTS files to instead reference web servers within the PCI zones and at that point, mimic the original directory paths on our systems. I’m curious though: is there a more local way to somehow intercept the HTTP request being made from the kiosk to substitute the final return value with a local path? You’d be able to do something like this locally if a web server existed on the kiosks, but unfortunately, that is not allowed. So this leaves us with the “solution” above. Can something like this be done with domain policies? The IE11 browser the kiosks use? Maybe the registry??? This way, the libraries could be accessed from the kiosks and we wouldn’t be forced to place the ajax.googleapis.com libraries on our web servers with the same directory paths–which can lead to very disorganized servers.
Any insight is appreciated.