Research on CORS Misconfiguration

What is CORS?

A request for a resource (like an image, a font, a script or an API response) from an origin other than the one the page was loaded from is known as a cross-origin request. Cross-Origin Resource Sharing (CORS) is the mechanism by which the server at that other origin tells the browser, through response headers, which origins are allowed to read its responses.

  1. User loads the page from “x.com”.
  2. While loading the initial page from “x.com”, a request is made to “y.com”. This request is known as a cross-origin request. The browser adds an Origin: https://x.com header to it, and for requests that are not "simple" (for example a PUT, a JSON body or a custom header) the browser will first perform a pre-flight OPTIONS request.
  3. If the pre-flight request is successful, “y.com” sends the:
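The steps above, as an added example (not code from the original post): how a browser decides whether a cross-origin request from x.com to y.com can be sent directly or needs a pre-flight first, and how it checks the Access-Control-* headers on the response. The origins, header names and sample values are constructed for illustration.

```javascript
// Added example, not from the original post. Models the browser side of
// the CORS flow: simple-request classification, the pre-flight request,
// and the check applied to the server's response headers.

const SAFELISTED_HEADERS = new Set([
  'accept', 'accept-language', 'content-language', 'content-type',
]);
const SAFELISTED_CONTENT_TYPES = new Set([
  'application/x-www-form-urlencoded', 'multipart/form-data', 'text/plain',
]);

// A "simple request" (GET/HEAD/POST, only safelisted headers, safelisted
// Content-Type) is sent directly with an Origin header; anything else is
// pre-flighted with OPTIONS first.
function isSimpleRequest(method, headers) {
  if (!['GET', 'HEAD', 'POST'].includes(method.toUpperCase())) return false;
  for (const [name, value] of Object.entries(headers)) {
    const lname = name.toLowerCase();
    if (!SAFELISTED_HEADERS.has(lname)) return false;
    if (lname === 'content-type') {
      const mime = value.split(';')[0].trim().toLowerCase();
      if (!SAFELISTED_CONTENT_TYPES.has(mime)) return false;
    }
  }
  return true;
}

// The pre-flight the browser sends to y.com before a non-simple request:
// an OPTIONS request announcing the real method and header names.
function buildPreflight(origin, method, headers) {
  const names = Object.keys(headers).map((h) => h.toLowerCase()).sort();
  return {
    method: 'OPTIONS',
    headers: {
      Origin: origin,
      'Access-Control-Request-Method': method.toUpperCase(),
      'Access-Control-Request-Headers': names.join(', '),
    },
  };
}

// Browser-side check of a response: the page at `origin` may read it only
// if Access-Control-Allow-Origin (ACAO) matches the origin, or is "*" for a
// request sent without credentials. With credentials (cookies), "*" is
// rejected and Access-Control-Allow-Credentials (ACAC) must be exactly "true".
function browserAllowsResponse(origin, withCredentials, responseHeaders) {
  const h = {};
  for (const [k, v] of Object.entries(responseHeaders)) h[k.toLowerCase()] = v;
  const acao = h['access-control-allow-origin'];
  const acac = h['access-control-allow-credentials'];
  if (acao === undefined) return false;
  if (withCredentials) return acao === origin && acac === 'true';
  return acao === '*' || acao === origin;
}

// Walk through the flow for a page on x.com talking to y.com (constructed).
function demo() {
  const origin = 'https://x.com';
  const simple = isSimpleRequest('POST', { 'Content-Type': 'text/plain' });
  const preflight = buildPreflight(origin, 'PUT', {
    'Content-Type': 'application/json',
  });
  const allowed = browserAllowsResponse(origin, true, {
    'Access-Control-Allow-Origin': 'https://x.com',
    'Access-Control-Allow-Credentials': 'true',
  });
  return { simple, preflightMethod: preflight.method, allowed };
}

console.log(demo());
```

The last function is the one that matters for misconfiguration testing: a credentialed response is readable cross-origin only when ACAO echoes the requesting origin and ACAC is true, which is exactly the pair of headers a reflecting server hands to an attacker.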

What is the CORS Misconfiguration?

A cross-origin resource sharing (CORS) policy controls whether and how content running on other domains can perform two-way interaction with the domain that publishes the policy. The policy is expressed in response headers, mainly Access-Control-Allow-Origin (ACAO) and Access-Control-Allow-Credentials (ACAC), and it can apply access controls per request based on the URL and other features of the request. A CORS misconfiguration is a policy that trusts origins it should not: reflecting any client-supplied Origin into ACAO, whitelisting the null origin, or matching trusted domains loosely (by prefix, suffix or substring). When such a policy is combined with ACAC: true, a page controlled by an attacker can read responses that carry the victim's session cookies.

Types of CORS Attacks

1. Server-generated ACAO header from client-specified Origin header

  The server reads the Origin request header and copies its value into Access-Control-Allow-Origin, usually together with Access-Control-Allow-Credentials: true. Every origin is therefore trusted, and an attacker's page visited by a logged-in user can read the authenticated responses.

2. Whitelisted null origin

  The browser sends Origin: null for several kinds of requests, so a policy that whitelists null trusts all of them:

  1. Cross-origin redirects.
  2. Requests from serialized data.
  3. Request using the file: protocol.
  4. Sandboxed cross-origin requests.

How to prevent CORS Misconfiguration

  1. Proper configuration of cross-origin requests: return ACAO only for origins on a fixed allowlist, matched exactly (scheme, host and port), and send Vary: Origin so caches do not reuse one origin's response for another.
  2. Only allow trusted sites: never build ACAO from the request's Origin header, and do not match trusted domains by prefix, suffix, substring or a loose regex.
  3. Avoid whitelisting null: a sandboxed iframe on any site can produce a null origin.
  4. Avoid wildcards in internal networks: ACAO: * on an intranet service lets any page loaded in an internal user's browser read its responses.
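The two misconfigurations above beside a hardened check, as an added example that is not code from the original post: a server-side handler that reflects the Origin header, one that matches the trusted host as a substring, and an exact-match allowlist version, each run over a constructed set of probe origins a tester would send in the Origin header. The hostnames trusted.example and attacker.example and the allowlist are placeholders.

```javascript
// Added example, not from the original post. Three server-side ways of
// producing CORS headers, exercised with the probe origins a tester sends.

const TRUSTED_HOST = 'trusted.example';               // placeholder
const ALLOWLIST = new Set(['https://trusted.example']); // placeholder

// Constructed probe origins: one legitimate, the rest attacker-controlled.
const PROBE_ORIGINS = [
  'https://trusted.example',                  // the only origin that should pass
  'https://attacker.example',                 // arbitrary third-party site
  'null',                                     // sandboxed iframe, file:, redirect
  'https://trusted.example.attacker.example', // trusted host as a prefix
  'https://eviltrusted.example',              // trusted host as a suffix
  'http://trusted.example',                   // scheme downgrade
];

// VULNERABLE (type 1 above): the client-supplied Origin is copied into ACAO
// together with ACAC: true, so every probe origin is accepted.
function vulnerableCorsHeaders(origin) {
  if (!origin) return {};
  return {
    'Access-Control-Allow-Origin': origin,
    'Access-Control-Allow-Credentials': 'true',
  };
}

// STILL VULNERABLE: a substring check on the trusted hostname. It rejects
// "null" and unrelated sites, but accepts attacker-registered names that
// contain the trusted host, and the plain-http variant of it.
function substringMatchCorsHeaders(origin) {
  if (!origin || !origin.includes(TRUSTED_HOST)) return {};
  return {
    'Access-Control-Allow-Origin': origin,
    'Access-Control-Allow-Credentials': 'true',
  };
}

// HARDENED: the full origin (scheme + host + port) must exactly match an
// allowlist entry; "null" and non-https origins are never trusted; the
// matched origin is echoed only on success, with Vary: Origin for caches.
function hardenedCorsHeaders(origin) {
  if (!origin || origin === 'null') return {};
  let parsed;
  try {
    parsed = new URL(origin);
  } catch (e) {
    return {}; // not a syntactically valid origin
  }
  if (parsed.protocol !== 'https:' || !ALLOWLIST.has(parsed.origin)) return {};
  return {
    'Access-Control-Allow-Origin': parsed.origin,
    'Access-Control-Allow-Credentials': 'true',
    Vary: 'Origin',
  };
}

// Tester's view: which probe origins does a handler grant access to?
function acceptedOrigins(handler) {
  return PROBE_ORIGINS.filter(
    (o) => handler(o)['Access-Control-Allow-Origin'] !== undefined,
  );
}

for (const [name, handler] of [
  ['vulnerable', vulnerableCorsHeaders],
  ['substring', substringMatchCorsHeaders],
  ['hardened', hardenedCorsHeaders],
]) {
  console.log(name, acceptedOrigins(handler));
}
```

When testing a real target, the same probe list is what to send in the Origin header with an authenticated session: any response that echoes an attacker-controlled or null origin in ACAO alongside ACAC: true is readable from that origin.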

Profile Links:

Twitter: https://twitter.com/PrajitSindhkar?s=08

Prajit Sindhkar

I am an India-based Security Researcher, Bugcrowd Top 500 Hacker and Bug Bounty Leader of the BUGXS Community.