CHUVASH.eu

CHunky Universe of Vigourous Astonishing SHarepoint :)

What about the SharePoint app domain?

This is an open question about the domains for SharePoint apps. On Technet: Configure an environment for apps for SharePoint (SharePoint 2013) we can read the following:

You must configure a new name in Domain Name Services (DNS) to host the apps. To help improve security, the domain name should not be a subdomain of the domain that hosts the SharePoint sites. For example, if the SharePoint sites are at Contoso.com, consider ContosoApps.com instead of App.Contoso.com as the domain name.

Does it apply to SharePoint Online? Well, apparently not 🙂 So why should we do it on premises?

subdomain

As we all know, sharepoint.com is used for our Office 365 tenancies and for apps.

Advertisements

3 responses to “What about the SharePoint app domain?

  1. Stuart 2014-03-22 at 20:03

    Thanks Anatoly, really interesting

  2. m00ntear 2014-11-18 at 23:41

    Well the same-origin policy exists for a reason and I’m not sure why MS does it this way in O365. There is some more information and recommendation here: http://technet.microsoft.com/en-us/library/fp161237%28v=office.15%29.aspx – Take google as an example. Google uses google.com for trusted activities and *.googleusercontent.com for untrusted sites. Read about the cookie security here: http://security.stackexchange.com/questions/12412/what-cookie-attacks-are-possible-between-computers-in-related-dns-domains-exa

    I really don’t like the custom domain for apps, but everything suggest we really should use it. Would be great if MS would shed some light on how they implemented it for O365.

    • Anatoly Mironov 2014-11-24 at 14:45

      Thank you for your comment. What I’ve been thinking about is also Yammer. Yammer uses the same domain (not even implementing subdomains) for all companies: yammer.com/companyA, yammer.com/companyB and so on. I am sure they have security tools in place to prevent unathorized access, but in my point of view, and I suppose in yours (google example) it is done in the wrong way in the foundation of the service.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Вула Чăвашла

VulaCV - Чăвашла вулаттаракан сайт

Discovering SharePoint

And going crazy doing it

Bram de Jager talking Office 365, SharePoint and Azure

My view and thoughts on Productivity and more.

My programming life

and everything in between

SharePoint Development Lab by @avishnyakov

It is a good place to share some SharePoint stories and development practices.

SharePoint Dragons

Nikander & Margriet on SharePoint

RealActivity - Real-time and trustworthy

Blog site of founder, RealActivty - Paul J. Swider

Mai Omar Desouki - Avid SharePointer

Egyptian & Vodafoner - Senior SharePoint Consultant

Cameron Dwyer | Office 365, SharePoint, Outlook, OnePlace Solutions

Office 365, SharePoint, OnePlace Solutions & Life's Other Little Wonders

paul.tavares

Me and My doings!

Share SharePoint Points!!

By Mohit Vashishtha

Jimmy Janlén "Den Scrummande Konsulten"

Erfarenheter, synpunkter och raljerande om Scrum från Jimmy Janlén

SPJoel

SharePoint for everyone

SharePointRyan

Ryan Dennis is a SharePoint Solution Architect with a passion for SharePoint and PowerShell

SharePoint 2020

The Vision for a Future of Clarity

Aharoni in Unicode, ya mama

Treacle tarts for great justice

... And All That JS

JavaScript, Web Apps and SharePoint

%d bloggers like this: