vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
-
Updated
Aug 11, 2023 - HTML
Cross-origin resource sharing (CORS) is a mechanism that allows restricted resources on a web page to be accessed from another domain outside the domain from which the first resource was served. CORS also relies on a mechanism by which browsers make a "preflight" request to the server hosting the cross-origin resource, in order to check that the server will permit the actual request. In that preflight, the browser sends headers that indicate the HTTP method and headers that will be used in the actual request. For security reasons, browsers restrict cross-origin HTTP requests initiated from scripts. For example, fetch()
and XMLHttpRequest
follow the same-origin policy. This means that a web application using those APIs can only request resources from the same origin the application was loaded from unless the response from other origins includes the right CORS headers.
fetch()
or XMLHttpRequest
@font-face
within CSS), so that servers can deploy TrueType fonts that can only be loaded cross-origin and used by websites that are permitted to do sodrawImage()
vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
JAVA 漏洞靶场 (Vulnerability Environment For Java)
Simple HTML & JS Tool to quickly test CORS locally.
Simple API for storing all incoming XSS requests.
A quick walkthrough setting up a new authenticated serverless app using Zappa and Cognito
Gobaber is a barber scheduling application
Un servidor hecho en python flask que permite consultar todos los métodos de la api de Invertir Online
Fitness Class Booking System is a project built using HTML, CSS, JavaScript, MongoDB, Express, Mongoose, Node.js, and various NPM packages. The system offers features such as class browsing, booking, and cancellation, user registration and login.
A React APP to verify CORS Permissive Policy.
一個簡單解決跨網域 cookie 請求時,電腦版 Safari 瀏覽器和 iPhone 上的 Safari、Chrome、Firefox 瀏覽器預設阻擋第三方 cookie 的問題。
Node Js - Node-JS-Full-Security-Implementation-Project Node js full security implementation project using EJS view engine Topics Covered Security: Crypto - Encryption/Decryption Helmet Js for handle security like xssFilter | noSniff | noCache | hpkp | frameguard Etc. CORS - Cross-Origin Resource Sharing CSRF Token HTTPS Topics Covered Basic: PDF…
MailDefiner is a versatile email testing platform that allows users to send and track emails efficiently. With features like inbox monitoring and spam testing, it ensures your emails reach their intended recipients with ease while providing insights into their status.
Pluralsight course materials for Microsoft Azure Developer: Configuring CORS with Storage
Created by WHATWG, Matt Oshry, Brad Porter, Michael Bodell, Tellme Networks
Released May 2006