Collaborate Disseminate
My question is on paypals csrf stateless solution: https://github.com/krakenjs/jwt-csrf
This csrf solution obliges the user to put the token in the header. Is there a security reason why the token should be in the header?
I… Continue reading Is Paypal’s Stateless CSRF no longer Express Compatible
I have one web application making a HTTP POST torward another web site (target origin, let’s say B). The HTTP request made includes origin with different value than the target origin (let’s say origin A) and this triggers Ant… Continue reading How to relax antiCSRF check for one domain only
I found a response where duplicate headers are used by the application with the same value. Could anyone tell me that, Is it a good programming practice or those are used for security perspective or anything else?
HTTP/1.1 … Continue reading Is it fine to use duplicate response header with same value?
I am a beginner in security and reading about host header injection. I tested an application for this vulnerability and it is possible there for some request, but the developer implemented no-cache, no-store flags and this vu… Continue reading Is host header injection possible without cache or password reset?
When authenticating from a browser application to an API layer, you can verify the request origin for CORS requests. I’m aware that this is primarily to prevent CSRF attacks. It doesn’t prevent an attacker from accessing the … Continue reading Is it worth verifying the request hostname in API-to-API communications?
More and more applications are moving from desktop to the web, where they are particularly exposed to security risks. They are often tied to a database backend, and thus need to be properly secured, even though most of the time they are designed t… Continue reading How to harden AdwCleaner’s web backend using PHP
I’m trying to verify the CORS settings of a website using cURL. The following command should let me check whether the CORS settings can be considered as secure or if requests may be made across origins.
I’m performing a pref… Continue reading Check for insecure CORS settings with cURL
I have recently been scammed and compiling a report for the police. I have the suspect’s last email to me and would like to extract as much information as possible from it; IP address and hopefully subsequent location, etc? I… Continue reading Information from email header for police report
Basically, I’ve found an XSS injection by changing the payload with the X-Forwarded-Host header, since its value is reflected in the document and is not sanitized.
An example, this is the document source:
<a href=”http:/… Continue reading What is an exploitation schema in this XSS attack?
I’m building a CSRF protection on my application, and I am wondering on the best (or let’s say least unsecure) way to transmit my CSRF token. The application enforces HTTPS, with TLS1.2.
When I generate the token on server s… Continue reading Is CSRF token managed through HTTP headers safe?