Details
The net.http.JSONPEnabled parameter is used to enable or disable JSONP access via an HTTP interface. Enabling this parameter also enables the HTTP interface, even if the parameter for enabling the HTTP interface is set to disabled.
Please note that this function has been Deprecated since version 3.2.
Rationale:
Additional network interfaces expose the system to a greater extent. Running unnecessary services may allow an attacker to penetrate the system via an unknown vulnerability.
Solution
Set the parameter value to false to disable JSONP access.
Default Value:
false
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Windows.