forked from ybieri/Additional_CORS_Checks
BappDescription.html
<p>Description</p>
<p>This extension can be used to test websites for CORS misconfigurations. It can spot trivial misconfigurations, like arbitrary origin reflection, but also more subtle ones where the origin allow-list regex is not properly anchored or escaped. An issue is created if a dangerous origin is reflected in the "Access-Control-Allow-Origin" response header. If "Access-Control-Allow-Credentials: true" is also set, the issue is rated high, otherwise low. Finally, the user has to decide whether the reflected Origin is intended (e.g. a CDN) or whether it is a security issue.</p>
<p>Features</p>
<p>"CORS* - Additional CORS Checks" can be run in either automatic or manual mode.</p>
<p>Automatic</p>
<ul>
<li>In the CORS* tab, the extension can be activated.</li>
<li>If activated, the extension will test CORS misconfigurations for each proxy request by sending multiple requests with different origins.</li>
<li>There are options to only enable it for in-scope items and to exclude requests with certain file extensions.</li>
<li>The "URL for CORS Request" is used to test for arbitrary reflection and as prefix/suffix in testing regex misconfigurations.</li>
<li>If a potential misconfiguration is discovered, the request is highlighted in red.</li>
<li>If an issue is detected, it is also reported in the Target and Dashboard tabs.</li>
</ul>
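<p>The following Python script is an added example and not part of the CORS* extension or its code base: it shows the kind of Origin variants the description and the "URL for CORS Request" option above refer to (arbitrary reflection, the target host used as prefix and suffix of the probe host, an unescaped dot) and applies the high/low severity rule from the description. The exact probe set, the function names and the three stand-in servers are assumptions constructed so the script runs offline; a real scan would replace the stand-in with an HTTP request carrying the Origin header.</p>

```python
# Added example, not the extension's own code. The probe set and the
# stand-in servers below are constructed for illustration.
import re
from typing import Dict, Optional
from urllib.parse import urlsplit

TARGET_URL = "https://api.target.example/v1/me"   # constructed target
PROBE_URL = "https://evil.example"                 # the "URL for CORS Request"


def origin_variants(target_url: str, probe_url: str) -> Dict[str, str]:
    """Origin header values to send, one per misconfiguration class."""
    t, p = urlsplit(target_url), urlsplit(probe_url)
    probe_label = p.hostname.split(".")[0]            # "evil"
    return {
        # arbitrary reflection: any origin at all is echoed back
        "arbitrary": f"{p.scheme}://{p.hostname}",
        # "null" is trusted by some allow-lists; sandboxed iframes send it
        "null": "null",
        # regex anchored at the start only (^https://api\.target\.example)
        "prefix": f"https://{t.hostname}.{p.hostname}",
        # regex anchored at the end only (api\.target\.example$)
        "suffix": f"https://{probe_label}{t.hostname}",
        # unescaped dot in the regex: "." matches any character
        "unescaped_dot": f"https://{t.hostname.replace('.', 'x', 1)}",
    }


def rate(origin_sent: str, headers: Dict[str, str]) -> Optional[str]:
    """Severity per the description: a reflected attacker-controlled origin
    is High with Access-Control-Allow-Credentials: true, otherwise Low."""
    h = {k.lower(): v for k, v in headers.items()}
    acao = h.get("access-control-allow-origin")
    if acao is None or acao == "*":
        # No grant, or a wildcard: browsers refuse to pair "*" with
        # credentials, so it is not the reflection this check looks for.
        return None
    if acao != origin_sent:
        return None            # fixed allow-list entry, not a reflection
    creds = h.get("access-control-allow-credentials", "").strip().lower() == "true"
    return "High" if creds else "Low"


def scan(send, target_url: str, probe_url: str) -> Dict[str, str]:
    """Send every variant through `send(origin) -> response headers`
    and keep the ones that produce a finding."""
    findings = {}
    for name, origin in origin_variants(target_url, probe_url).items():
        severity = rate(origin, send(origin))
        if severity:
            findings[name] = severity
    return findings


# --- constructed stand-in servers (replace with a real HTTP request) -----
def server_reflect_any(origin: str) -> Dict[str, str]:
    """Echoes whatever Origin it gets, with credentials: worst case."""
    return {"Access-Control-Allow-Origin": origin,
            "Access-Control-Allow-Credentials": "true"}


def server_weak_regex(origin: str) -> Dict[str, str]:
    """Allow-list regex missing the end anchor and escaping of the first dot."""
    if re.match(r"^https://api.target\.example", origin):
        return {"Access-Control-Allow-Origin": origin,
                "Access-Control-Allow-Credentials": "true"}
    return {}


def server_strict(origin: str) -> Dict[str, str]:
    """Exact-match allow-list: no finding expected."""
    if origin == "https://api.target.example":
        return {"Access-Control-Allow-Origin": origin}
    return {}


if __name__ == "__main__":
    for srv in (server_reflect_any, server_weak_regex, server_strict):
        print(srv.__name__, scan(srv, TARGET_URL, PROBE_URL))
```

<p>Against the weak-regex stand-in only the "prefix" and "unescaped_dot" variants come back as High; the arbitrary probe alone would have missed it, which is why the extension sends several origins per request. As the description says, a reflected origin still needs a human decision: the "prefix" hit is only exploitable if the attacker can actually register the matching host.</p>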
<p>Manual</p>
<ul>
<li>Requests can be added to CORS* using the extension menu.</li>
<li>The requests to test for CORS misconfiguration can then be sent using the "Send CORS requests for selected entry" button.</li>
</ul>