{"id":104859,"date":"2025-09-29T10:26:34","date_gmt":"2025-09-29T08:26:34","guid":{"rendered":"https:\/\/mwtsolutions.eu\/?p=104859"},"modified":"2025-09-30T12:07:54","modified_gmt":"2025-09-30T10:07:54","slug":"browser-security-plus-jak-zkrotit-rozsireni-a-zneuzivani-oauth-aplikaci","status":"publish","type":"post","link":"https:\/\/i.mwtsolutions.eu\/cs\/clanky\/browser-security-plus-jak-zkrotit-rozsireni-a-zneuzivani-oauth-aplikaci\/","title":{"rendered":"Browser Security Plus: Jak zkrotit roz\u0161\u00ed\u0159en\u00ed a zneu\u017e\u00edv\u00e1n\u00ed OAuth aplikac\u00ed"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"104859\" class=\"elementor elementor-104859\" data-elementor-post-type=\"post\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-50ac9e84 elementor-section-boxed elementor-section-height-default elementor-section-height-default force-full-width-no\" data-id=\"50ac9e84\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-3b69cd65\" data-id=\"3b69cd65\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-7dfd85da elementor-widget elementor-widget-text-editor\" data-id=\"7dfd85da\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Zn\u00e1te ten pocit, kdy\u017e otev\u0159ete u\u017eivatelsk\u00fd prohl\u00ed\u017ee\u010d a vypad\u00e1 to tam jako na ble\u0161\u00e1ku? Panely n\u00e1stroj\u016f, kup\u00f3nov\u00e9 pluginy, pozn\u00e1mkov\u00e9 vychyt\u00e1vky, \u201eproduktivitn\u00ed\u201c pomocn\u00edci\u2026 a nikdo po\u0159\u00e1dn\u011b nev\u00ed, pro\u010d jich je tolik. P\u0159idejte v\u0161udyp\u0159\u00edtomn\u00e1 okna \u201eP\u0159ihl\u00e1sit se pomoc\u00ed Google\/Microsoft\u201c a m\u00e1te dv\u011b st\u00e1l\u00e9 cesty, kudy mohou t\u00e9ct data ven: podez\u0159el\u00e1 roz\u0161\u00ed\u0159en\u00ed a rizikov\u00e9 OAuth aplikace.<\/p><p>Dobr\u00e1 zpr\u00e1va:<a href=\"https:\/\/i.mwtsolutions.eu\/produkty\/security-it\/bezpieczenstwo-przegladarek-browser-security-plus\/\"> <strong>ManageEngine Browser Security Plus (BSP)<\/strong> <\/a>v\u00e1m d\u00e1v\u00e1 realistick\u00fd, admin-friendly zp\u016fsob, jak to cel\u00e9 zkrotit, ani\u017e by se cel\u00e1 firma obr\u00e1tila proti IT. Tenhle n\u00e1vod dr\u017e\u00edme lidsky a prakticky. Bez \u017eargonu jen proto, abychom zn\u011bli chyt\u0159e\u2014jen jasn\u00e9 kroky, kter\u00e9 funguj\u00ed.<\/p><p><strong>Co probereme:<\/strong><\/p><ul><li><span style=\"font-size: 1.6rem;\">Pro\u010d jsou roz\u0161\u00ed\u0159en\u00ed m\u011bkk\u00fd c\u00edl a jak se zneu\u017e\u00edvaj\u00ed v praxi<\/span><\/li><li>Jak ve skute\u010dnosti funguje zneu\u017eit\u00ed OAuth (a pro\u010d hesla a MFA n\u011bkdy nesta\u010d\u00ed)<\/li><li>F\u00e1zovan\u00fd pl\u00e1n zpevn\u011bn\u00ed v BSP: inventura \u2192 allowlist \u2192 blokace podle opr\u00e1vn\u011bn\u00ed \u2192 uta\u017een\u00ed nastaven\u00ed prohl\u00ed\u017ee\u010de<\/li><li>Chytr\u00e1 nastaven\u00ed prohl\u00ed\u017ee\u010de, kter\u00e1 sni\u017euj\u00ed riziko kolem OAuth p\u0159\u00edmo na endpointu<\/li><li>Kde kon\u010d\u00ed BSP a kde p\u0159eb\u00edraj\u00ed va\u0161e identity n\u00e1stroje (Microsoft 365\/Entra ID, Google Workspace)<\/li><li>30denn\u00ed rollout pl\u00e1n<\/li><li>\u010cast\u00e9 z\u00e1drhele a jak je obej\u00edt<\/li><\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-45f98d9 elementor-section-boxed elementor-section-height-default elementor-section-height-default force-full-width-no\" data-id=\"45f98d9\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-098daa2\" data-id=\"098daa2\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-2246025 elementor-widget elementor-widget-text-editor\" data-id=\"2246025\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<h3><strong>Dva probl\u00e9my, kter\u00e9 ve skute\u010dnosti \u0159e\u0161\u00edte<\/strong><\/h3><h4><strong>1) Rozr\u016fstaj\u00edc\u00ed se zoo roz\u0161\u00ed\u0159en\u00ed (aneb \u201epro\u010d m\u00e1 K\u00e1ja 14 dopl\u0148k\u016f?\u201c)<\/strong><\/h4><p>\u00a0<\/p><p>Roz\u0161\u00ed\u0159en\u00ed jsou mal\u00e9 aplikace uvnit\u0159 prohl\u00ed\u017ee\u010de. Lidi je instaluj\u00ed, aby si uleh\u010dili \u017eivot: p\u0159elo\u017eit str\u00e1nku, ud\u011blat screenshot, ukl\u00e1dat si v\u00fdst\u0159i\u017eky, blokovat reklamy, vyplnit formul\u00e1\u0159e\u2026 H\u00e1\u010dek: roz\u0161\u00ed\u0159en\u00ed um\u00ed \u010d\u00edst obsah str\u00e1nek, hrabat se v po\u017eadavc\u00edch, a n\u011bkdy si s\u00e1hnou i na lok\u00e1ln\u00ed po\u010d\u00edta\u010d. To je spousta s\u00edly nam\u00ed\u0159en\u00e9 na va\u0161e klenoty\u2014e-mail, dokumenty, chaty, finan\u010dn\u00ed port\u00e1ly, HR n\u00e1stroje, zdroj\u00e1ky, prost\u011b v\u0161echno.<\/p><p>Re\u00e1ln\u00e1 rizika:<\/p><ul><li><strong>Tich\u00fd p\u0159\u00edstup k dat\u016fm.<\/strong> N\u011bkter\u00e1 roz\u0161\u00ed\u0159en\u00ed vid\u00ed obsah str\u00e1nek a po\u0161lou ho pry\u010d.<\/li><li><strong>Manipulace s provozem.<\/strong> Dopl\u0148ky s \u201enetwork\u201c h\u00e1ky um\u00ed zachyt\u00e1vat po\u017eadavky, vkl\u00e1dat skripty nebo lovit tokeny.<\/li><li><strong>Mosty do lok\u00e1lu.<\/strong> Roz\u0161\u00ed\u0159en\u00ed, kter\u00e1 mluv\u00ed s lok\u00e1ln\u00edmi aplikacemi, mohou data vyv\u00e9st nebo spou\u0161t\u011bt akce mimo dohled prohl\u00ed\u017ee\u010de.<\/li><li><strong>M\u011b\u0148avky.<\/strong> P\u0159i instalaci nevinn\u00e9, po \u201eaktualizaci\u201c n\u011bco, co byste nikdy neschv\u00e1lili.<\/li><\/ul><p>BSP na to jde jednodu\u0161e a \u00fa\u010dinn\u011b: uvid\u00edte <strong>v\u0161echno nainstalovan\u00e9<\/strong>, ur\u010d\u00edte, co <strong>sm\u00ed b\u011b\u017eet<\/strong>,<strong> vypnete zbytek<\/strong> a (to je tajn\u00e1 zbra\u0148) budete <strong>blokovat podle opr\u00e1vn\u011bn\u00ed<\/strong>, ne jen podle n\u00e1zvu. Kdy\u017e je n\u011bjak\u00e1 schopnost obecn\u011b nebezpe\u010dn\u00e1, zak\u00e1\u017eete ji v\u0161ude.<\/p><h4><strong>2) Zneu\u017eit\u00ed OAuth (aneb \u201econsent phishing\u201c)<\/strong><\/h4><p>\u00a0<\/p><p>Nejhor\u0161\u00ed na zneu\u017eit\u00ed OAuth je, \u017ee to vypad\u00e1 legitimn\u011b. U\u017eivatel klikne na \u201eP\u0159ihl\u00e1sit se pomoc\u00ed\u2026\u201c, vysko\u010d\u00ed opravdov\u00e9 souhlasov\u00e9 okno od Microsoftu nebo Googlu a on d\u00e1 t\u0159et\u00ed stran\u011b opr\u00e1vn\u011bn\u00ed \u010d\u00edst e-maily nebo soubory. \u017d\u00e1dn\u00e1 kr\u00e1de\u017e hesla. \u017d\u00e1dn\u00e1 fale\u0161n\u00e1 p\u0159ihla\u0161ova\u010dka. Naprosto norm\u00e1ln\u00ed flow.<\/p><p>\u00a0<\/p><p>Od t\u00e9 chv\u00edle m\u016f\u017ee \u00fato\u010dn\u00edk (nebo pochybn\u00e1 appka) pou\u017e\u00edvat tokeny k p\u0159\u00edstupu k dat\u016fm\u2014n\u011bkdy hodn\u011b dlouho. Zm\u011bna hesla ta opr\u00e1vn\u011bn\u00ed nevezme zp\u011bt. Mus\u00edte <strong>odvolat souhlas<\/strong> nebo aplikaci <strong>centr\u00e1ln\u011b zablokovat<\/strong>.<\/p><p>\u00a0<\/p><p>Identity platformy na to maj\u00ed p\u00e1ky\u2014workflow pro admin souhlas, allowlist aplikac\u00ed, sk\u00f3rov\u00e1n\u00ed rizika. Ale BSP taky hraje velkou roli: na endpointu m\u016f\u017eete <strong>sn\u00ed\u017eit \u0161anci,<\/strong> \u017ee se u\u017eivatel do takov\u00fdch flow v\u016fbec dostane, a <strong>zkr\u00e1tit \u017eivot<\/strong> token\u016fm a cookies, kter\u00e9 by jinak na stroji z\u016fst\u00e1valy.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-a417825 elementor-section-boxed elementor-section-height-default elementor-section-height-default force-full-width-no\" data-id=\"a417825\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-076dd91\" data-id=\"076dd91\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-d86ebe3 elementor-widget elementor-widget-text-editor\" data-id=\"d86ebe3\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<h3><strong>Co p\u0159in\u00e1\u0161\u00ed Browser Security Plus do boje<\/strong><\/h3><p>\u00a0<\/p><p>BSP berte <strong>jako \u0159\u00eddic\u00ed centrum prohl\u00ed\u017ee\u010dov\u00fdch politik a roz\u0161\u00ed\u0159en\u00ed:<\/strong><\/p><ul><li><strong>Inventura a klasifikace<\/strong> <strong>roz\u0161\u00ed\u0159en\u00ed<\/strong> nap\u0159\u00ed\u010d Chrome, Edge a Firefoxem. Kdo co m\u00e1, kde, s jak\u00fdmi opr\u00e1vn\u011bn\u00edmi.<\/li><\/ul><p><img fetchpriority=\"high\" class=\"wp-image-104862 alignnone\" src=\"https:\/\/i.mwtsolutions.eu\/wp-content\/uploads\/2025\/09\/artykul-300x148.png\" alt=\"\" width=\"710\" height=\"351\" srcset=\"https:\/\/i.mwtsolutions.eu\/wp-content\/uploads\/2025\/09\/artykul-300x148.png 300w, https:\/\/i.mwtsolutions.eu\/wp-content\/uploads\/2025\/09\/artykul-1024x506.png 1024w, https:\/\/i.mwtsolutions.eu\/wp-content\/uploads\/2025\/09\/artykul-768x380.png 768w, https:\/\/i.mwtsolutions.eu\/wp-content\/uploads\/2025\/09\/artykul-1536x759.png 1536w, https:\/\/i.mwtsolutions.eu\/wp-content\/uploads\/2025\/09\/artykul.png 1887w\" sizes=\"(max-width: 710px) 100vw, 710px\" \/><\/p><ul><li><strong>Allowlist\/Blocklist roz\u0161\u00ed\u0159en\u00ed<\/strong>, tak\u017ee b\u011b\u017e\u00ed jen schv\u00e1len\u00e9 dopl\u0148ky. Nov\u00e9 instalace m\u016f\u017eete prost\u011b vypnout.<\/li><li><strong>Blokace podle opr\u00e1vn\u011bn\u00ed<\/strong> (velk\u00e1 v\u011bc). Kdy\u017e nechcete, aby roz\u0161\u00ed\u0159en\u00ed zachyt\u00e1vala provoz nebo pracovala s tokeny, zaka\u017ete tyhle schopnosti v\u0161ude. Jak\u00fdkoli dopln\u011bk, kter\u00fd je vy\u017eaduje, se s\u00e1m vypne.<\/li><li><strong>P\u0159esun tvrd\u00fdch nastaven\u00ed do prohl\u00ed\u017ee\u010d\u016f<\/strong>: blok t\u0159et\u00edch stran cookies, vynucen\u00ed Safe Browsing\/SmartScreen, z\u00e1kaz p\u0159ihla\u0161ov\u00e1n\u00ed osobn\u00edch \u00fa\u010dt\u016f do prohl\u00ed\u017ee\u010de, re\u017eim \u201ejen session data\u201c a dal\u0161\u00ed.<\/li><li><strong>Filtrov\u00e1n\u00ed webu a omezen\u00ed download\u016f<\/strong>, aby se lidi netoulali po \u0161patn\u00fdch webech a nestahovali rizikov\u00e9 form\u00e1ty z n\u00e1hodn\u00fdch m\u00edst.<\/li><li><strong>Izolace ned\u016fv\u011bryhodn\u00e9ho prohl\u00ed\u017een\u00ed<\/strong> v jednor\u00e1zov\u00e9m \u201ekontejneru\u201c\u2014co se stane v tom tabu, um\u0159e v tom tabu.<\/li><li><strong>Reporty a alerty<\/strong>, abyste vid\u011bli drift a uklidili d\u0159\u00edv, ne\u017e z toho bude pr\u016f\u0161vih.<\/li><\/ul><p><img class=\"wp-image-104865 alignnone\" src=\"https:\/\/i.mwtsolutions.eu\/wp-content\/uploads\/2025\/09\/artkul2-300x148.png\" alt=\"\" width=\"710\" height=\"350\" srcset=\"https:\/\/i.mwtsolutions.eu\/wp-content\/uploads\/2025\/09\/artkul2-300x148.png 300w, https:\/\/i.mwtsolutions.eu\/wp-content\/uploads\/2025\/09\/artkul2-1024x505.png 1024w, https:\/\/i.mwtsolutions.eu\/wp-content\/uploads\/2025\/09\/artkul2-768x379.png 768w, https:\/\/i.mwtsolutions.eu\/wp-content\/uploads\/2025\/09\/artkul2-1536x758.png 1536w, https:\/\/i.mwtsolutions.eu\/wp-content\/uploads\/2025\/09\/artkul2.png 1910w\" sizes=\"(max-width: 710px) 100vw, 710px\" \/><\/p><h3><strong>Praktick\u00fd pl\u00e1n zpevn\u011bn\u00ed (nasazujte po f\u00e1z\u00edch)<\/strong><\/h3><h4><strong>F\u00e1ze 1 \u2014 Nejprve viditelnost, pak z\u00e1kladn\u00ed postoj<\/strong><\/h4><ol><li style=\"list-style-type: none;\"><ol><li><strong>Inventura v\u0161eho.<\/strong><br \/>Pus\u0165te p\u0159ehled roz\u0161\u00ed\u0159en\u00ed v BSP. Vyt\u00e1hn\u011bte seznamy podle prohl\u00ed\u017ee\u010de, u\u017eivatele a stroje. Ozna\u010dte nejhor\u0161\u00ed kousky a v\u0161echno, co m\u00e1 \u0161irok\u00e1\/senzitivn\u00ed opr\u00e1vn\u011bn\u00ed. To je va\u0161e startovn\u00ed mapa.<\/li><li><strong>Vyberte baseline: allowlist nebo blocklist.<\/strong><br \/>Jestli v\u00e1s nebav\u00ed hr\u00e1t na whack-a-mole, zvolte allowlist-first: schvalte kr\u00e1tk\u00fd seznam legitimn\u00edch roz\u0161\u00ed\u0159en\u00ed (spr\u00e1vce hesel, SSO helper, Grammarly, firemn\u00ed pozn\u00e1mkova\u010d, schv\u00e1len\u00fd screen capture atd.) a zbytek blokn\u011bte. Vysv\u011btluje se to snadno a vynucuje je\u0161t\u011b snadn\u011bji.<\/li><li><strong>Omezte zdroje instalac\u00ed.<\/strong><br \/>Dr\u017ete instalace jen p\u0159es ofici\u00e1ln\u00ed obchody a spravovan\u00e9 kan\u00e1ly. Nedovolte u\u017eivatel\u016fm \u201esideloadovat\u201c zipy n\u011bkde z netu.<\/li><\/ol><\/li><\/ol><p>\u00a0<\/p><p><strong>Komunika\u010dn\u00ed tip:<\/strong> Po\u0161lete kr\u00e1tk\u00e9, p\u0159\u00e1telsk\u00e9 upozorn\u011bn\u00ed:<\/p><p>\u00a0<\/p><p>\u201e\u010cist\u00edme roz\u0161\u00ed\u0159en\u00ed v prohl\u00ed\u017ee\u010d\u00edch, aby byly \u00fa\u010dty bezpe\u010dn\u011bj\u0161\u00ed a prohl\u00ed\u017ee\u010de rychlej\u0161\u00ed. Z\u016fstanou v\u00e1m A, B a C. Pokud n\u011bco pot\u0159ebujete nav\u00edc, po\u017e\u00e1dejte tady. Reakce budou rychl\u00e9.\u201c<\/p><p>Za\u010dn\u011bte pilotem v IT a jednom business \u00fatvaru na t\u00fdden. Zjist\u011bte, co (kdy\u017e u\u017e) prask\u00e1, a pak roz\u0161i\u0159te dosah.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-4d565b1 elementor-section-boxed elementor-section-height-default elementor-section-height-default force-full-width-no\" data-id=\"4d565b1\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-02826a0\" data-id=\"02826a0\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-45eecad elementor-widget elementor-widget-text-editor\" data-id=\"45eecad\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<h3><strong>F\u00e1ze 2 \u2014 Bu\u010fte chyt\u0159\u00ed: blokujte roz\u0161\u00ed\u0159en\u00ed podle opr\u00e1vn\u011bn\u00ed<\/strong><\/h3><p>\u00a0<\/p><p>Tady BSP opravdu z\u00e1\u0159\u00ed. N\u00e1zvy se m\u011bn\u00ed, vydavatel\u00e9 taky\u2014<strong>opr\u00e1vn\u011bn\u00ed<\/strong> ne. Kdy\u017e zak\u00e1\u017eete n\u011bkter\u00e9 schopnosti, v\u0161echno, co je pot\u0159ebuje, je zastaveno u dve\u0159\u00ed. Zva\u017ete t\u0159i velk\u00e9:<\/p><ul><li><strong>identity (OAuth\/token flow).<\/strong><br \/>V\u011bt\u0161ina roz\u0161\u00ed\u0159en\u00ed nepot\u0159ebuje vyd\u00e1vat OAuth tokeny. Pokud se na tom v\u00fdslovn\u011b nezakl\u00e1d\u00e1 n\u011bjak\u00fd v\u00e1mi schv\u00e1len\u00fd dopln\u011bk, z\u00e1kaz identity dr\u017e\u00ed tokeny d\u00e1l od ned\u016fv\u011bryhodn\u00fdch roz\u0161\u00ed\u0159en\u00ed.<\/li><li><strong>webRequest (zachyt\u00e1v\u00e1n\u00ed provozu).<\/strong><br \/>\u010casto zneu\u017e\u00edvan\u00e9 k injekci reklam a \u0161m\u00edrov\u00e1n\u00ed provozu. Nem\u00e1te-li od\u016fvodn\u011bn\u00e9 pou\u017eit\u00ed, prost\u011b to blokn\u011bte. S\u00ed\u0165a\u0159i v\u00e1m pod\u011bkuj\u00ed.<\/li><li><strong>nativeMessaging (most do lok\u00e1ln\u00edho OS).<\/strong><br \/>U\u017eite\u010dn\u00e9 pro legitimn\u00ed p\u0159\u00edpady, nebezpe\u010dn\u00e9 pro exfiltraci. Kdy\u017e to fakt pot\u0159ebujete, povolte v\u00fdjimkou a co neju\u017e\u0161\u00ed skupin\u011b.<\/li><\/ul><p>Permission blacklist v BSP zastav\u00ed jak\u00e9koli roz\u0161\u00ed\u0159en\u00ed, kter\u00e9 o tahle opr\u00e1vn\u011bn\u00ed po\u017e\u00e1d\u00e1. Je to chirurgick\u00fd \u0159ez rizika bez h\u00e1d\u00e1n\u00ed, kter\u00fd brand se zbl\u00e1zn\u00ed p\u0159\u00ed\u0161t\u00ed m\u011bs\u00edc.<\/p><p>\u00a0<\/p><p><strong>Jak to zav\u00e9st bez chaosu:<\/strong><\/p><ul><li>Za\u010dn\u011bte pilotem a blokujte <strong>jen jedno<\/strong> opr\u00e1vn\u011bn\u00ed (t\u0159eba webRequest). Sledujte dopady.<\/li><li>P\u0159idejte identity, potom nativeMessaging.<\/li><li>U ka\u017ed\u00e9 \u017e\u00e1dosti o v\u00fdjimku se ptejte: <em>Jak\u00fd byznys \u00fakol pad\u00e1? Kter\u00e9 weby? Existuje bezpe\u010dn\u011bj\u0161\u00ed alternativa?<\/em> Kdy\u017e mus\u00edte povolit, ohrani\u010dte to.<\/li><\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-773e797 elementor-section-boxed elementor-section-height-default elementor-section-height-default force-full-width-no\" data-id=\"773e797\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-ef5342f\" data-id=\"ef5342f\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-a0e7a94 elementor-widget elementor-widget-text-editor\" data-id=\"a0e7a94\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<h3>F\u00e1ze 3 \u2014 Zmen\u0161ete \u201eOAuth plochu\u201c nastaven\u00edmi prohl\u00ed\u017ee\u010de<\/h3><p>\u00a0<\/p><p>OAuth nen\u00ed jen o souhlasov\u00e9m okn\u011b. Je to o tom, co si prohl\u00ed\u017ee\u010d pamatuje a co pust\u00ed mezi weby. P\u00e1r voleb ud\u011bl\u00e1 hromadu pr\u00e1ce:<\/p><ul><li><strong> Blok t\u0159et\u00edch stran cookies<\/strong>. Omez\u00ed cross-site trackov\u00e1n\u00ed a n\u011bkter\u00e9 p\u0159enosy token\u016f. Ano, p\u00e1r aplikac\u00ed je pot\u0159ebuje; od toho jsou c\u00edlen\u00e9 v\u00fdjimky.<\/li><li><strong>Vynutit \u201ejen data relace\u201c (ephemeral mode)<\/strong>. Po zav\u0159en\u00ed prohl\u00ed\u017ee\u010de zmiz\u00ed cookies, local storage i dal\u0161\u00ed session data. T\u00edm zkr\u00e1t\u00edte \u017eivot zbyl\u00fdm token\u016fm a star\u00fdm relac\u00edm.<\/li><li><strong>Zak\u00e1zat p\u0159ihla\u0161ov\u00e1n\u00ed osobn\u00edch \u00fa\u010dt\u016f do prohl\u00ed\u017ee\u010de na firemn\u00edch za\u0159\u00edzen\u00edch.<\/strong> Kdy\u017e lidi p\u0159ihl\u00e1s\u00ed <strong>prohl\u00ed\u017ee\u010d<\/strong> vlastn\u00edm Google\/Microsoft \u00fa\u010dtem, vznikne \u201ecookie gul\u00e1\u0161\u201c, mix syncu a ne\u010dekan\u00e9 souhlasov\u00e9 cesty. Dr\u017ete firemn\u00ed profil \u010dist\u00fd.<\/li><li>\u00a0<strong>Nechat p\u0159\u00edsn\u00fd Safe Browsing\/SmartScreen a blokovat \u201ep\u0159esto pokra\u010dovat\u201c<\/strong>. M\u00e9n\u011b n\u00e1v\u0161t\u011bv pochybn\u00fdch web\u016f = m\u00e9n\u011b pochybn\u00fdch souhlasov\u00fdch oken.<\/li><li><strong>Zak\u00e1zat DevTools<\/strong> pro ne-v\u00fdvoj\u00e1\u0159e. Nen\u00ed to st\u0159\u00edbrn\u00e1 kulka, ale m\u00e9n\u011b p\u0159\u00edle\u017eitost\u00ed hrabat se v storage, tokenech a obch\u00e1zet CSP.<\/li><\/ul><p>Tohle v\u0161e po\u0161lete z BSP a m\u00e1te <strong>konzistenci<\/strong> nap\u0159\u00ed\u010d Chrome\/Edge\/Firefox. Bez GPO akrobacie a \u201ev jednom prohl\u00ed\u017ee\u010di to funguje, v druh\u00e9m ne\u201c.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-29bf6c8 elementor-section-boxed elementor-section-height-default elementor-section-height-default force-full-width-no\" data-id=\"29bf6c8\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-926ac5f\" data-id=\"926ac5f\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap\">\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-26e0462 elementor-section-boxed elementor-section-height-default elementor-section-height-default force-full-width-no\" data-id=\"26e0462\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7168107\" data-id=\"7168107\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-a466c1c elementor-widget elementor-widget-text-editor\" data-id=\"a466c1c\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<h3><strong>F\u00e1ze 4 \u2014 Dejte nezn\u00e1m\u00fdm web\u016fm p\u00edskovi\u0161t\u011b (izolace)<\/strong><\/h3><p>\u00a0<\/p><p>Neodhadnete ka\u017ed\u00fd web, kam u\u017eivatel zabloud\u00ed. Izolace je z\u00e1chrann\u00e1 s\u00ed\u0165:<\/p><ul><li>Va\u0161e d\u016fv\u011bryhodn\u00e9 byznys aplikace dejte na <strong>seznam norm\u00e1ln\u00edho re\u017eimu<\/strong>.<\/li><li>V\u0161echno ostatn\u00ed se otev\u0159e v <strong>izolovan\u00e9 relaci<\/strong>, kter\u00e1 se po zav\u0159en\u00ed <strong>vyma\u017ee<\/strong>.<\/li><li>U\u017eivatel\u00e9 mohou d\u011blat v\u00fdzkum, \u010d\u00edst, zji\u0161\u0165ovat\u2014ale co se sna\u017e\u00ed ten web nechat na stroji, nez\u016fstane.<\/li><\/ul><p>Sp\u00e1rujte izolaci s <strong>Web Filteringem<\/strong> (blok kategori\u00ed se \u0161patnou pov\u011bst\u00ed, nov\u011b registrovan\u00e9 dom\u00e9ny, kryptot\u011b\u017eba apod.) a <strong>omezen\u00edmi stahov\u00e1n\u00ed<\/strong> (blok rizikov\u00fdch typ\u016f soubor\u016f z ned\u016fv\u011bryhodn\u00fdch m\u00edst). Jednoduch\u00e9 p\u00e1ky, velk\u00fd efekt.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-1f403fd elementor-section-boxed elementor-section-height-default elementor-section-height-default force-full-width-no\" data-id=\"1f403fd\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-0e19ab9\" data-id=\"0e19ab9\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-5dc39c3 elementor-widget elementor-widget-text-editor\" data-id=\"5dc39c3\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<h3><strong>Kde ve skute\u010dnosti \u017eije governance pro OAuth (a jak to BSP dopl\u0148uje)<\/strong><\/h3><p>\u00a0<\/p><p>A\u0165 je to jasn\u00e9: BSP <strong>nerozhoduje<\/strong>, kter\u00e9 OAuth appky sm\u00ed do va\u0161eho Microsoft 365 nebo Google Workspace tenant\u016f. To je pr\u00e1ce <strong>identity<\/strong> t\u00fdmu. Rozd\u011blen\u00ed je takhle:<\/p><p>\u00a0<\/p><p><strong>Ve va\u0161\u00ed identity vrstv\u011b (ud\u011blejte tam):<\/strong><\/p><ul><li>Zapn\u011bte <strong>workflow pro admin souhlas<\/strong>, aby u\u017eivatel\u00e9 nemohli nasypat vysok\u00e1 opr\u00e1vn\u011bn\u00ed n\u00e1hodn\u00e9 appce.<\/li><li>Pravideln\u011b kontrolujte <strong>aplikace t\u0159et\u00edch stran<\/strong>. Dejte <strong>allowlist<\/strong> legitimn\u00edm, zbytek zaka\u017ete nebo omezte.<\/li><li>Odeb\u00edrejte star\u00e9 souhlasy a tokeny p\u0159i offboardingu nebo zm\u011bn\u00e1ch v t\u00fdmu.<\/li><\/ul><p><strong>Na endpointu s BSP (ud\u011blejte tady):<\/strong><\/p><ul><li>Omezte, jak \u010dasto se u\u017eivatel dostane do podez\u0159el\u00fdch souhlasov\u00fdch flow (web filtering, Safe Browsing, izolace).<\/li><li>Zkra\u0165te \u017eivot token\u016fm a cookies (session-only data, blok t\u0159et\u00edch stran cookies).<\/li><li>Zabra\u0148te roz\u0161\u00ed\u0159en\u00edm, aby manipulovala s OAuth nebo provozem (permission blacklist).<\/li><\/ul><p>Dohromady\u2014identity vrstva \u0159e\u0161\u00ed <strong>kdo<\/strong> sm\u00ed k dat\u016fm. BSP ur\u010duje <strong>jak<\/strong> se prohl\u00ed\u017ee\u010de na cest\u011b budou chovat. Pot\u0159ebujete oboj\u00ed.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-b1babad elementor-section-boxed elementor-section-height-default elementor-section-height-default force-full-width-no\" data-id=\"b1babad\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-974d7bf\" data-id=\"974d7bf\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-330a48a elementor-widget elementor-widget-text-editor\" data-id=\"330a48a\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<h4><strong>T\u00fdden 1 \u2014 Zji\u0161t\u011bn\u00ed + komunikace<\/strong><\/h4><ul><li>Spus\u0165te inventuru roz\u0161\u00ed\u0159en\u00ed nap\u0159\u00ed\u010d prohl\u00ed\u017ee\u010di.<\/li><li>Se\u0159a\u010fte podle pou\u017e\u00edv\u00e1n\u00ed a opr\u00e1vn\u011bn\u00ed. Identifikujte top 10 byznys kritick\u00fdch roz\u0161\u00ed\u0159en\u00ed, kter\u00e1 povol\u00edte.<\/li><li>Napi\u0161te a po\u0161lete \u201eheads-up\u201c e-mail. Kr\u00e1tk\u00fd, p\u0159\u00e1telsk\u00fd, konkr\u00e9tn\u00ed: co se m\u011bn\u00ed a jak \u017e\u00e1dat v\u00fdjimky.<\/li><\/ul><h4><strong>T\u00fdden 2 \u2014 Pilot<\/strong><\/h4><ul><li>Vytvo\u0159te <strong>pilotn\u00ed politiku<\/strong>:<ul><li>Zak\u00e1zat nov\u00e9 instalace roz\u0161\u00ed\u0159en\u00ed.<\/li><li>Allowlist schv\u00e1len\u00e9 sady.<\/li><li>Blacklist <strong>jedno<\/strong> rizikov\u00e9 opr\u00e1vn\u011bn\u00ed (za\u010dn\u011bte webRequest).<\/li><\/ul><\/li><li>Po\u0161lete baseline zpevn\u011bn\u00ed prohl\u00ed\u017ee\u010de na pilotn\u00ed skupinu:<ul><li>Blok t\u0159et\u00edch stran cookies.<\/li><li>Re\u017eim \u201ejen data relace\u201c.<\/li><li>Z\u00e1kaz p\u0159ihl\u00e1\u0161en\u00ed osobn\u00edch \u00fa\u010dt\u016f do prohl\u00ed\u017ee\u010de.<\/li><li>P\u0159\u00edsn\u00fd Safe Browsing\/SmartScreen; z\u00e1kaz obch\u00e1zen\u00ed varov\u00e1n\u00ed.<\/li><li>Zak\u00e1zat DevTools pro ne-v\u00fdvoj\u00e1\u0159e.<\/li><\/ul><\/li><li>Sledujte: Co si st\u011b\u017euje? Kter\u00e9 weby pot\u0159ebuj\u00ed v\u00fdjimky? Upravit opatrn\u011b a <strong>v\u017edy zd\u016fvodnit<\/strong>.<\/li><\/ul><h4><strong>T\u00fdden 3 \u2014 Roz\u0161\u00ed\u0159en\u00ed<\/strong><\/h4><ul><li>Zasa\u010fte 30\u201350 % u\u017eivatel\u016f, ide\u00e1ln\u011b po odd\u011blen\u00edch kv\u016fli komunikaci.<\/li><li>P\u0159idejte dal\u0161\u00ed opr\u00e1vn\u011bn\u00ed na blacklist (identity), potom nativeMessaging, pokud nic kritick\u00e9ho nepad\u00e1.<\/li><li>Zapn\u011bte <strong>Web Filtering<\/strong> (zprvu konzervativn\u011b) a <strong>omezen\u00ed stahov\u00e1n\u00ed<\/strong> pro spustiteln\u00e9\/archivn\u00ed form\u00e1ty z ned\u016fv\u011bryhodn\u00fdch web\u016f.<\/li><li>Aktivujte <strong>izolaci<\/strong> pro v\u0161echno mimo seznam d\u016fv\u011bryhodn\u00fdch.<\/li><\/ul><h4><strong>T\u00fdden 4 \u2014 Dota\u017een\u00ed + identity pr\u00e1ce<\/strong><\/h4><ul><li>Aplikujte politiky nap\u0159\u00ed\u010d organizac\u00ed s <strong>dokumentovan\u00fdmi<\/strong> v\u00fdjimkami.<\/li><li>V identity tenantovi:<ul><li>Zapn\u011bte workflow pro admin souhlas u citliv\u00fdch opr\u00e1vn\u011bn\u00ed.<\/li><li>Projd\u011bte t\u0159et\u00ed strany; dejte allowlist d\u016fv\u011bryhodn\u00fdm; zak\u00e1\u017ete zbytek.<\/li><li>Odeb\u00edrejte star\u00e9 souhlasy u u\u017eivatel\u016f a servisn\u00edch \u00fa\u010dt\u016f.<\/li><\/ul><\/li><li>Nastavte m\u011bs\u00ed\u010dn\u00ed reporty v BSP:<ul><li>Nov\u00e1\/blokovan\u00e1 roz\u0161\u00ed\u0159en\u00ed<\/li><li>Z\u00e1sahy permission blacklistu<\/li><li>Hity web filtru<\/li><li>Vyu\u017eit\u00ed izolace<\/li><\/ul><\/li><li>Domluvte 30min review s podporou nebo \u201esecurity ambasadory\u201c pro zp\u011btnou vazbu a backlog.<\/li><\/ul><h4><strong>Pr\u016fb\u011b\u017en\u011b (\u010dtvrtletn\u011b)<\/strong><\/h4><ul><li>Znovu projd\u011bte allowlist. Nen\u00ed-li roz\u0161\u00ed\u0159en\u00ed u\u017e kritick\u00e9, pry\u010d s n\u00edm.<\/li><li>Revidujte v\u00fdjimky a zkuste je st\u00e1hnout, pokud u\u017e nejsou pot\u0159eba d\u00edky zm\u011bn\u00e1m v aplikac\u00edch nebo lep\u0161\u00edm alternativ\u00e1m.<\/li><li>Audit offboardingu: sma\u017ete prohl\u00ed\u017ee\u010dov\u00fd profil, odvolejte OAuth souhlasy, odstra\u0148te data roz\u0161\u00ed\u0159en\u00ed.<\/li><\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-6452b88 elementor-section-boxed elementor-section-height-default elementor-section-height-default force-full-width-no\" data-id=\"6452b88\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-1181f6d\" data-id=\"1181f6d\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-d98c690 elementor-widget elementor-widget-text-editor\" data-id=\"d98c690\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<h3><strong>FAQ:<\/strong><\/h3><p>\u00a0<\/p><p><strong>\u201eNebude blok t\u0159et\u00edch stran cookies a session-only m\u00f3d v\u0161echno rozb\u00edjet?\u201c<\/strong><br \/>Ob\u010das. Proto pilot a <strong>c\u00edlen\u00e9 v\u00fdjimky<\/strong>. Dr\u017ete p\u0159\u00edsn\u00e9 defaulty a povolujte jen konkr\u00e9tn\u00ed dom\u00e9ny, kter\u00e9 to opravdu pot\u0159ebuj\u00ed. Neotv\u00edrejte vrata kv\u016fli jednomu mrzut\u00e9mu LOB n\u00e1stroji.<\/p><p>\u00a0<\/p><p><strong>\u201ePro\u010d prost\u011b nezak\u00e1zat v\u0161echna roz\u0161\u00ed\u0159en\u00ed?\u201c<\/strong><br \/>M\u016f\u017eete, ale bude to bolet a lidi si najdou neofiko cesty. Kr\u00e1tk\u00fd allowlist + blacklist opr\u00e1vn\u011bn\u00ed je lep\u0161\u00ed balanc: skute\u010dn\u00e1 kontrola bez tot\u00e1ln\u00edho zabit\u00ed produktivity.<\/p><p>\u00a0<\/p><p><strong>\u201eCo kdy\u017e pot\u0159ebujeme n\u00e1stroj s nativeMessaging nebo webRequest?\u201c<\/strong><br \/>Berme to jako v\u00fdkonn\u00fd n\u00e1stroj: povolit v\u00fdjimkou, zdokumentovan\u00fd business p\u0159\u00edpad, omezeno na t\u00fdmy, kter\u00e9 to fakt pot\u0159ebuj\u00ed, a <strong>\u010dtvrtletn\u00ed<\/strong> revize. Okoln\u00ed workflow klidn\u011b chra\u0148te izolac\u00ed.<\/p><p>\u00a0<\/p><p><strong>\u201eZastav\u00ed to samo o sob\u011b OAuth \u00fatoky?\u201c<\/strong><br \/>\u017d\u00e1dn\u00fd jeden produkt ne. V identity vrstv\u011b <strong>mus\u00edte<\/strong> \u0159\u00eddit, jak\u00e9 aplikace lze odsouhlasit a k\u00fdm. BSP zpevn\u00ed endpoint: m\u00e9n\u011b podez\u0159el\u00fdch flow, krat\u0161\u00ed \u017eivot session dat, a roz\u0161\u00ed\u0159en\u00ed, kter\u00e1 si nes\u00e1hnou na tokeny ani na provoz.<\/p><p>\u00a0<\/p><p><strong>\u201eNen\u00ed izolace overkill?\u201c<\/strong><br \/>Je to p\u00e1s a airbagy. V b\u011b\u017en\u00fd den si j\u00ed nev\u0161imnete, ale p\u0159i pr\u016f\u0161vihu v\u00e1s zachr\u00e1n\u00ed. Pro nezn\u00e1m\u00e9 destinace je to levn\u00e1 pojistka.<\/p><p>\u00a0<\/p><p><strong>\u201eJak na v\u00fdvoj\u00e1\u0159e a power-users?\u201c<\/strong><br \/>Vytvo\u0159te separ\u00e1tn\u00ed politiku se zm\u00edrn\u011bn\u00edm tam, kde je to opodstatn\u011bn\u00e9 (DevTools povoleny, n\u011bkter\u00e1 opr\u00e1vn\u011bn\u00ed whitelisted). Omezte na pojmenovanou skupinu a <strong>\u010dtvrtletn\u011b<\/strong> kontrolujte, \u017ee to st\u00e1le pot\u0159ebuj\u00ed. V\u00fdvoj\u00e1\u0159i maj\u00ed b\u00fdt <strong>v\u00fdjimka<\/strong>, ne<\/p><p>default.<\/p><p>\u00a0<\/p><p><strong>\u201cA co osobn\u00ed za\u0159\u00edzen\u00ed (BYOD)?\u201d<\/strong><br \/>Pokud je pou\u0161t\u00edte, pou\u017eijte podm\u00edn\u011bn\u00fd p\u0159\u00edstup a kontroly stavu prohl\u00ed\u017ee\u010de. Dr\u017ete firemn\u00ed data v <strong>managed profilech<\/strong> a vynucujte stejn\u00e9 politiky, kde to jde. Kdy\u017e vynucovat nem\u016f\u017eete, omezte, k \u010demu se ta za\u0159\u00edzen\u00ed v\u016fbec dostanou.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-f5d4f3d elementor-section-boxed elementor-section-height-default elementor-section-height-default force-full-width-no\" data-id=\"f5d4f3d\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-74588b8\" data-id=\"74588b8\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-da3e35f elementor-widget elementor-widget-text-editor\" data-id=\"da3e35f\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<h3><strong>Tipy z praxe (abyste se neu\u010dili bolestn\u011b)<\/strong><\/h3><ul><li><strong>Roz\u0161\u00ed\u0159en\u00ed se ti\u0161e updatuj\u00ed.<\/strong> Dne\u0161n\u00ed ne\u0161kodn\u00fd pomocn\u00edk si z\u00edtra \u0159ekne o \u0161ir\u0161\u00ed opr\u00e1vn\u011bn\u00ed. Permission blacklist je v\u00e1\u0161 p\u00e1s\u2014nechte ho zapnut\u00fd.<\/li><li><strong>Lidi zapomenou, \u017ee p\u0159ihl\u00e1sili prohl\u00ed\u017ee\u010d.<\/strong> Z\u00e1kaz osobn\u00edch p\u0159ihl\u00e1\u0161en\u00ed br\u00e1n\u00ed \u201ecookie gul\u00e1\u0161i\u201c a divn\u00fdm sync koliz\u00edm mezi prac\u00ed a soukrom\u00edm.<\/li><li><strong>V\u00fdjimky buj\u00ed, kdy\u017e je nepro\u0159ez\u00e1v\u00e1te.<\/strong> Ud\u011blejte z reviz\u00ed rutinu. Kdy\u017e d\u016fvod padl, v\u00fdjimku zru\u0161te.<\/li><li><strong>Pojmenov\u00e1vejte politiky srozumiteln\u011b.<\/strong> \u201eSales-Laptops-BSP-Strict-v3\u201c je lep\u0161\u00ed ne\u017e \u201eNov\u00e1 prohl\u00ed\u017ee\u010dov\u00e1 politika (2)\u201c.<\/li><li><strong>Publikujte, kdy\u017e to jde, jednu zm\u011bnu najednou.<\/strong> Kdy\u017e p\u0159epnete \u0161est v\u011bc\u00ed a n\u011bco se rozbije, nepozn\u00e1te, co to zp\u016fsobilo.<\/li><li><strong>Pi\u0161te si vzory poruch.<\/strong> Kdy\u017e site pad\u00e1 kv\u016fli t\u0159et\u00edm stran\u00e1m cookies, zaznamenejte dom\u00e9ny, kter\u00e9 jste museli povolit\u2014p\u0159\u00ed\u0161t\u011b se to hod\u00ed.<\/li><li><strong>Najd\u011bte si \u201echampiony\u201c.<\/strong> Jeden \u010dlov\u011bk na odd\u011blen\u00ed, co v\u010das zachyt\u00ed trable a vysv\u011btl\u00ed \u201epro\u010d\u201c sv\u00fdm. Mal\u00fd n\u00e1klad, velk\u00fd efekt.<\/li><\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Zn\u00e1te ten pocit, kdy\u017e otev\u0159ete u\u017eivatelsk\u00fd prohl\u00ed\u017ee\u010d a vypad\u00e1 to tam jako na ble\u0161\u00e1ku? Panely n\u00e1stroj\u016f, kup\u00f3nov\u00e9 pluginy, pozn\u00e1mkov\u00e9 vychyt\u00e1vky, \u201eproduktivitn\u00ed\u201c pomocn\u00edci\u2026 a nikdo po\u0159\u00e1dn\u011b nev\u00ed, pro\u010d jich je tolik. P\u0159idejte v\u0161udyp\u0159\u00edtomn\u00e1 okna \u201eP\u0159ihl\u00e1sit se pomoc\u00ed Google\/Microsoft\u201c a m\u00e1te dv\u011b st\u00e1l\u00e9 cesty, kudy mohou t\u00e9ct data ven: podez\u0159el\u00e1 roz\u0161\u00ed\u0159en\u00ed a rizikov\u00e9 OAuth aplikace. Dobr\u00e1 zpr\u00e1va: [&hellip;]<\/p>\n","protected":false},"author":78,"featured_media":104927,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"content-type":"","om_disable_all_campaigns":false,"inline_featured_image":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_links_to":"","_links_to_target":""},"categories":[274,289],"tags":[771],"acf":[],"aioseo_notices":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v20.6 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Browser Security Plus: Jak zkrotit roz\u0161\u00ed\u0159en\u00ed a zneu\u017e\u00edv\u00e1n\u00ed OAuth aplikac\u00ed - MWT Solutions<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/i.mwtsolutions.eu\/cs\/clanky\/browser-security-plus-jak-zkrotit-rozsireni-a-zneuzivani-oauth-aplikaci\/\" \/>\n<meta property=\"og:locale\" content=\"cs_CZ\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Browser Security Plus: Jak zkrotit roz\u0161\u00ed\u0159en\u00ed a zneu\u017e\u00edv\u00e1n\u00ed OAuth aplikac\u00ed - MWT Solutions\" \/>\n<meta property=\"og:description\" content=\"Zn\u00e1te ten pocit, kdy\u017e otev\u0159ete u\u017eivatelsk\u00fd prohl\u00ed\u017ee\u010d a vypad\u00e1 to tam jako na ble\u0161\u00e1ku? Panely n\u00e1stroj\u016f, kup\u00f3nov\u00e9 pluginy, pozn\u00e1mkov\u00e9 vychyt\u00e1vky, \u201eproduktivitn\u00ed\u201c pomocn\u00edci\u2026 a nikdo po\u0159\u00e1dn\u011b nev\u00ed, pro\u010d jich je tolik. P\u0159idejte v\u0161udyp\u0159\u00edtomn\u00e1 okna \u201eP\u0159ihl\u00e1sit se pomoc\u00ed Google\/Microsoft\u201c a m\u00e1te dv\u011b st\u00e1l\u00e9 cesty, kudy mohou t\u00e9ct data ven: podez\u0159el\u00e1 roz\u0161\u00ed\u0159en\u00ed a rizikov\u00e9 OAuth aplikace. Dobr\u00e1 zpr\u00e1va: [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/i.mwtsolutions.eu\/cs\/clanky\/browser-security-plus-jak-zkrotit-rozsireni-a-zneuzivani-oauth-aplikaci\/\" \/>\n<meta property=\"og:site_name\" content=\"MWT Solutions\" \/>\n<meta property=\"article:published_time\" content=\"2025-09-29T08:26:34+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-09-30T10:07:54+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/i.mwtsolutions.eu\/wp-content\/uploads\/2025\/09\/CZ25_Artykuly__www.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1153\" \/>\n\t<meta property=\"og:image:height\" content=\"604\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Amelia Ska\u0142a\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Napsal(a)\" \/>\n\t<meta name=\"twitter:data1\" content=\"Amelia Ska\u0142a\" \/>\n\t<meta name=\"twitter:label2\" content=\"Odhadovan\u00e1 doba \u010dten\u00ed\" \/>\n\t<meta name=\"twitter:data2\" content=\"13 minut\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/i.mwtsolutions.eu\/cs\/clanky\/browser-security-plus-jak-zkrotit-rozsireni-a-zneuzivani-oauth-aplikaci\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/i.mwtsolutions.eu\/cs\/clanky\/browser-security-plus-jak-zkrotit-rozsireni-a-zneuzivani-oauth-aplikaci\/\"},\"author\":{\"name\":\"Amelia Ska\u0142a\",\"@id\":\"https:\/\/i.mwtsolutions.eu\/#\/schema\/person\/ef10dc8d5c1a96eb585dd39be4c05f19\"},\"headline\":\"Browser Security Plus: Jak zkrotit roz\u0161\u00ed\u0159en\u00ed a zneu\u017e\u00edv\u00e1n\u00ed OAuth aplikac\u00ed\",\"datePublished\":\"2025-09-29T08:26:34+00:00\",\"dateModified\":\"2025-09-30T10:07:54+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/i.mwtsolutions.eu\/cs\/clanky\/browser-security-plus-jak-zkrotit-rozsireni-a-zneuzivani-oauth-aplikaci\/\"},\"wordCount\":2719,\"publisher\":{\"@id\":\"https:\/\/i.mwtsolutions.eu\/#organization\"},\"keywords\":[\"browser security plus\"],\"articleSection\":[\"\u010cl\u00e1nky\",\"Novinky\"],\"inLanguage\":\"cs\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/i.mwtsolutions.eu\/cs\/clanky\/browser-security-plus-jak-zkrotit-rozsireni-a-zneuzivani-oauth-aplikaci\/\",\"url\":\"https:\/\/i.mwtsolutions.eu\/cs\/clanky\/browser-security-plus-jak-zkrotit-rozsireni-a-zneuzivani-oauth-aplikaci\/\",\"name\":\"Browser Security Plus: Jak zkrotit roz\u0161\u00ed\u0159en\u00ed a zneu\u017e\u00edv\u00e1n\u00ed OAuth aplikac\u00ed - MWT Solutions\",\"isPartOf\":{\"@id\":\"https:\/\/i.mwtsolutions.eu\/#website\"},\"datePublished\":\"2025-09-29T08:26:34+00:00\",\"dateModified\":\"2025-09-30T10:07:54+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/i.mwtsolutions.eu\/cs\/clanky\/browser-security-plus-jak-zkrotit-rozsireni-a-zneuzivani-oauth-aplikaci\/#breadcrumb\"},\"inLanguage\":\"cs\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/i.mwtsolutions.eu\/cs\/clanky\/browser-security-plus-jak-zkrotit-rozsireni-a-zneuzivani-oauth-aplikaci\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/i.mwtsolutions.eu\/cs\/clanky\/browser-security-plus-jak-zkrotit-rozsireni-a-zneuzivani-oauth-aplikaci\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/i.mwtsolutions.eu\/cs\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Browser Security Plus: Jak zkrotit roz\u0161\u00ed\u0159en\u00ed a&nbsp;zneu\u017e\u00edv\u00e1n\u00ed OAuth aplikac\u00ed\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/i.mwtsolutions.eu\/#website\",\"url\":\"https:\/\/i.mwtsolutions.eu\/\",\"name\":\"MWT Solutions\",\"description\":\"Kolejna witryna oparta na WordPressie\",\"publisher\":{\"@id\":\"https:\/\/i.mwtsolutions.eu\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/i.mwtsolutions.eu\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"cs\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/i.mwtsolutions.eu\/#organization\",\"name\":\"MWT Solutions\",\"url\":\"https:\/\/i.mwtsolutions.eu\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"cs\",\"@id\":\"https:\/\/i.mwtsolutions.eu\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/i.mwtsolutions.eu\/wp-content\/uploads\/2025\/05\/logo_MWT_rgb-color-1.png\",\"contentUrl\":\"https:\/\/i.mwtsolutions.eu\/wp-content\/uploads\/2025\/05\/logo_MWT_rgb-color-1.png\",\"width\":2825,\"height\":850,\"caption\":\"MWT Solutions\"},\"image\":{\"@id\":\"https:\/\/i.mwtsolutions.eu\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/pl.linkedin.com\/company\/mwt-solutions\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/i.mwtsolutions.eu\/#\/schema\/person\/ef10dc8d5c1a96eb585dd39be4c05f19\",\"name\":\"Amelia Ska\u0142a\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"cs\",\"@id\":\"https:\/\/i.mwtsolutions.eu\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/4105f710163834a2dc482ca5b04bad16?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/4105f710163834a2dc482ca5b04bad16?s=96&d=mm&r=g\",\"caption\":\"Amelia Ska\u0142a\"},\"url\":\"https:\/\/i.mwtsolutions.eu\/cs\/author\/amelia-skala\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Browser Security Plus: Jak zkrotit roz\u0161\u00ed\u0159en\u00ed a zneu\u017e\u00edv\u00e1n\u00ed OAuth aplikac\u00ed - MWT Solutions","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/i.mwtsolutions.eu\/cs\/clanky\/browser-security-plus-jak-zkrotit-rozsireni-a-zneuzivani-oauth-aplikaci\/","og_locale":"cs_CZ","og_type":"article","og_title":"Browser Security Plus: Jak zkrotit roz\u0161\u00ed\u0159en\u00ed a zneu\u017e\u00edv\u00e1n\u00ed OAuth aplikac\u00ed - MWT Solutions","og_description":"Zn\u00e1te ten pocit, kdy\u017e otev\u0159ete u\u017eivatelsk\u00fd prohl\u00ed\u017ee\u010d a vypad\u00e1 to tam jako na ble\u0161\u00e1ku? Panely n\u00e1stroj\u016f, kup\u00f3nov\u00e9 pluginy, pozn\u00e1mkov\u00e9 vychyt\u00e1vky, \u201eproduktivitn\u00ed\u201c pomocn\u00edci\u2026 a nikdo po\u0159\u00e1dn\u011b nev\u00ed, pro\u010d jich je tolik. P\u0159idejte v\u0161udyp\u0159\u00edtomn\u00e1 okna \u201eP\u0159ihl\u00e1sit se pomoc\u00ed Google\/Microsoft\u201c a m\u00e1te dv\u011b st\u00e1l\u00e9 cesty, kudy mohou t\u00e9ct data ven: podez\u0159el\u00e1 roz\u0161\u00ed\u0159en\u00ed a rizikov\u00e9 OAuth aplikace. Dobr\u00e1 zpr\u00e1va: [&hellip;]","og_url":"https:\/\/i.mwtsolutions.eu\/cs\/clanky\/browser-security-plus-jak-zkrotit-rozsireni-a-zneuzivani-oauth-aplikaci\/","og_site_name":"MWT Solutions","article_published_time":"2025-09-29T08:26:34+00:00","article_modified_time":"2025-09-30T10:07:54+00:00","og_image":[{"width":1153,"height":604,"url":"https:\/\/i.mwtsolutions.eu\/wp-content\/uploads\/2025\/09\/CZ25_Artykuly__www.jpg","type":"image\/jpeg"}],"author":"Amelia Ska\u0142a","twitter_card":"summary_large_image","twitter_misc":{"Napsal(a)":"Amelia Ska\u0142a","Odhadovan\u00e1 doba \u010dten\u00ed":"13 minut"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/i.mwtsolutions.eu\/cs\/clanky\/browser-security-plus-jak-zkrotit-rozsireni-a-zneuzivani-oauth-aplikaci\/#article","isPartOf":{"@id":"https:\/\/i.mwtsolutions.eu\/cs\/clanky\/browser-security-plus-jak-zkrotit-rozsireni-a-zneuzivani-oauth-aplikaci\/"},"author":{"name":"Amelia Ska\u0142a","@id":"https:\/\/i.mwtsolutions.eu\/#\/schema\/person\/ef10dc8d5c1a96eb585dd39be4c05f19"},"headline":"Browser Security Plus: Jak zkrotit roz\u0161\u00ed\u0159en\u00ed a zneu\u017e\u00edv\u00e1n\u00ed OAuth aplikac\u00ed","datePublished":"2025-09-29T08:26:34+00:00","dateModified":"2025-09-30T10:07:54+00:00","mainEntityOfPage":{"@id":"https:\/\/i.mwtsolutions.eu\/cs\/clanky\/browser-security-plus-jak-zkrotit-rozsireni-a-zneuzivani-oauth-aplikaci\/"},"wordCount":2719,"publisher":{"@id":"https:\/\/i.mwtsolutions.eu\/#organization"},"keywords":["browser security plus"],"articleSection":["\u010cl\u00e1nky","Novinky"],"inLanguage":"cs"},{"@type":"WebPage","@id":"https:\/\/i.mwtsolutions.eu\/cs\/clanky\/browser-security-plus-jak-zkrotit-rozsireni-a-zneuzivani-oauth-aplikaci\/","url":"https:\/\/i.mwtsolutions.eu\/cs\/clanky\/browser-security-plus-jak-zkrotit-rozsireni-a-zneuzivani-oauth-aplikaci\/","name":"Browser Security Plus: Jak zkrotit roz\u0161\u00ed\u0159en\u00ed a zneu\u017e\u00edv\u00e1n\u00ed OAuth aplikac\u00ed - MWT Solutions","isPartOf":{"@id":"https:\/\/i.mwtsolutions.eu\/#website"},"datePublished":"2025-09-29T08:26:34+00:00","dateModified":"2025-09-30T10:07:54+00:00","breadcrumb":{"@id":"https:\/\/i.mwtsolutions.eu\/cs\/clanky\/browser-security-plus-jak-zkrotit-rozsireni-a-zneuzivani-oauth-aplikaci\/#breadcrumb"},"inLanguage":"cs","potentialAction":[{"@type":"ReadAction","target":["https:\/\/i.mwtsolutions.eu\/cs\/clanky\/browser-security-plus-jak-zkrotit-rozsireni-a-zneuzivani-oauth-aplikaci\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/i.mwtsolutions.eu\/cs\/clanky\/browser-security-plus-jak-zkrotit-rozsireni-a-zneuzivani-oauth-aplikaci\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/i.mwtsolutions.eu\/cs\/"},{"@type":"ListItem","position":2,"name":"Browser Security Plus: Jak zkrotit roz\u0161\u00ed\u0159en\u00ed a&nbsp;zneu\u017e\u00edv\u00e1n\u00ed OAuth aplikac\u00ed"}]},{"@type":"WebSite","@id":"https:\/\/i.mwtsolutions.eu\/#website","url":"https:\/\/i.mwtsolutions.eu\/","name":"MWT Solutions","description":"Kolejna witryna oparta na WordPressie","publisher":{"@id":"https:\/\/i.mwtsolutions.eu\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/i.mwtsolutions.eu\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"cs"},{"@type":"Organization","@id":"https:\/\/i.mwtsolutions.eu\/#organization","name":"MWT Solutions","url":"https:\/\/i.mwtsolutions.eu\/","logo":{"@type":"ImageObject","inLanguage":"cs","@id":"https:\/\/i.mwtsolutions.eu\/#\/schema\/logo\/image\/","url":"https:\/\/i.mwtsolutions.eu\/wp-content\/uploads\/2025\/05\/logo_MWT_rgb-color-1.png","contentUrl":"https:\/\/i.mwtsolutions.eu\/wp-content\/uploads\/2025\/05\/logo_MWT_rgb-color-1.png","width":2825,"height":850,"caption":"MWT Solutions"},"image":{"@id":"https:\/\/i.mwtsolutions.eu\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/pl.linkedin.com\/company\/mwt-solutions"]},{"@type":"Person","@id":"https:\/\/i.mwtsolutions.eu\/#\/schema\/person\/ef10dc8d5c1a96eb585dd39be4c05f19","name":"Amelia Ska\u0142a","image":{"@type":"ImageObject","inLanguage":"cs","@id":"https:\/\/i.mwtsolutions.eu\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/4105f710163834a2dc482ca5b04bad16?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4105f710163834a2dc482ca5b04bad16?s=96&d=mm&r=g","caption":"Amelia Ska\u0142a"},"url":"https:\/\/i.mwtsolutions.eu\/cs\/author\/amelia-skala\/"}]}},"_links":{"self":[{"href":"https:\/\/i.mwtsolutions.eu\/cs\/wp-json\/wp\/v2\/posts\/104859"}],"collection":[{"href":"https:\/\/i.mwtsolutions.eu\/cs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/i.mwtsolutions.eu\/cs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/i.mwtsolutions.eu\/cs\/wp-json\/wp\/v2\/users\/78"}],"replies":[{"embeddable":true,"href":"https:\/\/i.mwtsolutions.eu\/cs\/wp-json\/wp\/v2\/comments?post=104859"}],"version-history":[{"count":99,"href":"https:\/\/i.mwtsolutions.eu\/cs\/wp-json\/wp\/v2\/posts\/104859\/revisions"}],"predecessor-version":[{"id":105045,"href":"https:\/\/i.mwtsolutions.eu\/cs\/wp-json\/wp\/v2\/posts\/104859\/revisions\/105045"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/i.mwtsolutions.eu\/cs\/wp-json\/wp\/v2\/media\/104927"}],"wp:attachment":[{"href":"https:\/\/i.mwtsolutions.eu\/cs\/wp-json\/wp\/v2\/media?parent=104859"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/i.mwtsolutions.eu\/cs\/wp-json\/wp\/v2\/categories?post=104859"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/i.mwtsolutions.eu\/cs\/wp-json\/wp\/v2\/tags?post=104859"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}