Is using two cookies one Lax and one Strict a way to improve usability without compromising security?

My understanding is that

Strict is the best as, admitting you have a recent browser, it completely replaces the need for CSRF Token.
Strict is however a big hit on usability as things like SSO or just having a link in email to go to a log…

Why is the browser not sending cookies with cross-domain WebSocket handshake request?

If I have understood Cross-Site WebSocket Hijacking (CSWSH) attack correctly [1][2][3][4], the attack relies on two things (examples are from the first reference):

the browser sending the cookies set by the victim domain (www.some-trading…

Is it dangerous to expose a front-channel logout endpoint that does not require authentication?

I have several apps connected to a single Identity Provider, which allows a Single SignOn experience for our users, and requires also a Single LogOut one.
For the logout, any app will start the logout request, calling the Identity Provider…

How to display first party website to third party website | inside the Iframe

I have www.example.com a WordPress website and www.official.com this third-party website, I want to invoke <iframe src="www.example.com"></iframe> in www.official.com
Here my website is running but cookies are blocked
Ho…

Security risks to returning JWT token in the response body to a GET request?

Are there any security risks to returning a user’s JWT in the response body to a GET request? The JWT is only returned for authenticated users. Authentication is managed via a JWT stored as a HttpOnly, Secure, SameSite:Lax cookie.
Flow, in…

I have a non-OAuth service and am using this approach with Server initiated HttpOnly cookies with stripped JWT

My question is: Is this approach correct given I have a non-OAuth service? My goal is to use the simplest amount of security features while still being as strong as possible.
My approach is as follows and I am asking for feedback on wheth…