vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
-
Updated
Aug 11, 2023 - HTML
Cross-origin resource sharing (CORS) is a mechanism that allows restricted resources on a web page to be accessed from another domain outside the domain from which the first resource was served. CORS also relies on a mechanism by which browsers make a "preflight" request to the server hosting the cross-origin resource, in order to check that the server will permit the actual request. In that preflight, the browser sends headers that indicate the HTTP method and headers that will be used in the actual request. For security reasons, browsers restrict cross-origin HTTP requests initiated from scripts. For example, fetch()
and XMLHttpRequest
follow the same-origin policy. This means that a web application using those APIs can only request resources from the same origin the application was loaded from unless the response from other origins includes the right CORS headers.
fetch()
or XMLHttpRequest
@font-face
within CSS), so that servers can deploy TrueType fonts that can only be loaded cross-origin and used by websites that are permitted to do sodrawImage()
vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
JAVA 漏洞靶场 (Vulnerability Environment For Java)
Simple HTML & JS Tool to quickly test CORS locally.
Simple API for storing all incoming XSS requests and various XSS templates.
Node Js - Node-JS-Full-Security-Implementation-Project Node js full security implementation project using EJS view engine Topics Covered Security: Crypto - Encryption/Decryption Helmet Js for handle security like xssFilter | noSniff | noCache | hpkp | frameguard Etc. CORS - Cross-Origin Resource Sharing CSRF Token HTTPS Topics Covered Basic: PDF…
Un servidor hecho en python flask que permite consultar todos los métodos de la api de Invertir Online
Library Information System
Gobaber is a barber scheduling application
Pluralsight course materials for Microsoft Azure Developer: Configuring CORS with Storage
Simple CORS Proxy Server [POST and GET] methods Allowed
Fitness Class Booking System is a project built using HTML, CSS, JavaScript, MongoDB, Express, Mongoose, Node.js, and various NPM packages. The system offers features such as class browsing, booking, and cancellation, user registration and login.
A quick walkthrough setting up a new authenticated serverless app using Zappa and Cognito
Created by WHATWG, Matt Oshry, Brad Porter, Michael Bodell, Tellme Networks
Released May 2006