You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
despite the importance of the tool and it's purpose ( I really appreciate it ) but the results was not promising in some situation, for example on trying the tool
the result was as above and the cause was presented 0a7600c1033c1375c0b5ac1800ae0002.web-security-academy.net/my-account - Not vulnerable: Access-Control-Allow-Origin header not present
while I (the solution OC) just added the Origin: hello.com header to detect it
I suggest with ❤ U may add the header automatically if not presented in the original request that could increase the chance to detect the Vulnerability .
The text was updated successfully, but these errors were encountered:
ic0ns
changed the title
⚠❤⚠
Access-Control-Allow-Origin Header not correctly detected
Aug 1, 2022
despite the importance of the tool and it's purpose ( I really appreciate it ) but the results was not promising in some situation, for example on trying the tool
the result was as above and the cause was presented
0a7600c1033c1375c0b5ac1800ae0002.web-security-academy.net/my-account - Not vulnerable: Access-Control-Allow-Origin header not present
while I (the solution OC) just added the
Origin: hello.com
header to detect itI suggest with ❤ U may add the header automatically if not presented in the original request that could increase the chance to detect the Vulnerability .
The text was updated successfully, but these errors were encountered: