same origin policy – Page 6

Custom JavaScript injection allowed in DOM of other Origins

Posted on February 25, 2019 by Aditya Chaudhary

I am performing a security research on a platform which allows developers to inject custom JavaScript in the DOM of any Origin. As per my understanding, this is a security flaw. Can anyone help me understand if this is an iss… Continue reading Custom JavaScript injection allowed in DOM of other Origins→

Posted on February 20, 2019 by Eran Medan

According to https://en.wikipedia.org/wiki/Cross-site_request_forgery#Cookie-to-header_token

The protection provided by this technique can be thwarted if the
target website disables its same-origin policy using one of the
following… Continue reading How can the Cookie-to-header-token CSRF protection technique be thwarted by permissive CORS origin header?→

Posted on February 7, 2019 by random65537

I have an API endpoint that is accessible by both native (console, mobile apps) and Javascript based clients.

How do I ensure that the CSRF AntiForgeryToken is only invoked during Javascript calls?

Posted on February 5, 2019 by TLDR

I’m investigating CSRF implementations in ASP.NET, MVC, WebAPI the relationship between the headers that are sent:

A Javascript client call of XMLHttpRequest.withCredentials
A server response of Access-Control-Allow-Credent… Continue reading How does SupportsCredentials, Access-Control-Allow-Credentials, and CORS Origin=* relate?→

Posted on January 22, 2019 by Tom Spring

Researchers show how rogue web applications can be used to attack vulnerable browser extensions in a hack that gives adversaries access to private user data. Continue reading How Web Apps Can Turn Browser Extensions Into Backdoors→

Posted on December 21, 2018 by Theophany

Let’s assume an attacker manages to inject this script in a login page:

const form = document.getElementsByTagName(‘form’)[0];

form.addEventListener(‘submit’, stealCredentials);

Posted on November 20, 2018 by Ilya Chernomordik

Same origin policy is an important part of the security model so it is “on” by default for most things, but for the referer it does not seem to be so. The default for browsers seem to be no-referrer-when-downgrade which in pr… Continue reading Why does not Referer header use “same-origin” by default?→

Posted on September 25, 2018 by Tom Spring

Online ad industry moves away from once prolific ads that are now deemed insecure because of DOM-based XSS vulnerabilities. Continue reading Once Popular Online Ad Format Opens Top Tier Sites to XSS Attacks→

Posted on September 21, 2018 by SaAtomic

As stated here, https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS at “Credentialed requests and wildcards”. Quote:

When responding to a credentialed request, the server must specify an
origin in the value of the Ac… Continue reading Web-Application with CORS Origin: * using authorization header→

Posted on September 7, 2018 by Dopin

I’m not a web developer, but I have read about the importance of the same origin policy (SOP) and Cross-Origin Resource Sharing (CORS). I can’t find studies or best practices related to the origin itself. In my understanding,… Continue reading App naming convention vs Same Origin Policy and Cross-Origin Resource Sharing→