Closed Bug 1797285 Opened 2 years ago Closed 2 years ago

cross-browser CORS bypass

Categories

(Core :: DOM: Networking, defect)

RESOLVED DUPLICATE of bug 1790311

People

(Reporter: martin.oneal, Unassigned)

Details

(Keywords: reporter-external, Whiteboard: [reporter-external] [client-bounty-form] [verif?])

An oversight in the whatwg standard for fetch allowed the CORS restrictions that limit the methods to be bypassed. Amongst other things, this allowed Cross-Site Tracing (XST) to be brought back from the dead.

The bug has been fixed at the whatwg level now, and has had patches applied to all the common browsers.

The Firefox bug is here: https://bugzilla.mozilla.org/show_bug.cgi?id=1790311

Flags: sec-bounty?
Group: firefox-core-security → network-core-security
Component: Security → DOM: Networking
Product: Firefox → Core
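The restriction the report refers to is the Fetch standard's "forbidden method" rule: a page cannot make `fetch()` send CONNECT, TRACE or TRACK, which is what normally keeps Cross-Site Tracing out of reach. The following is an added example, not code from the bug report or from Firefox: it mirrors that browser-side rule in plain JavaScript and pairs it with a server-side guard, since a restriction enforced only in the client is exactly what this bug shows can be bypassed. The function names (`normalizeMethod`, `isForbiddenMethod`, `decideRequest`) are this example's own.

```javascript
// Added example (not from the bug report or from Firefox): the Fetch
// standard's method handling, and a server-side guard that does not rely
// on the browser having enforced it.

// Fetch upper-cases exactly these six methods; any other token is left as-is.
const NORMALIZED_METHODS = new Set(["DELETE", "GET", "HEAD", "OPTIONS", "POST", "PUT"]);

// Fetch refuses to issue these methods from a page, compared byte-case-insensitively,
// so "trace", "Trace" and "TRACE" are all rejected by a conforming browser.
const FORBIDDEN_METHODS = new Set(["CONNECT", "TRACE", "TRACK"]);

// Mirror of the Fetch "normalize" step for a request method token.
function normalizeMethod(method) {
  const upper = method.toUpperCase();
  return NORMALIZED_METHODS.has(upper) ? upper : method;
}

// Mirror of the Fetch "forbidden method" check.
function isForbiddenMethod(method) {
  return FORBIDDEN_METHODS.has(method.toUpperCase());
}

// Server-side guard: TRACE echoes the request (headers and cookies included),
// which is the XST exposure, so the origin refuses it regardless of what the
// browser did. `request` is a constructed object shaped as { method, headers }.
function decideRequest(request) {
  const method = normalizeMethod(request.method);
  if (isForbiddenMethod(method)) {
    return { status: 405, headers: { Allow: "GET, HEAD, POST, OPTIONS" }, body: "" };
  }
  // Hypothetical application handler; only the status matters for this example.
  return { status: 200, headers: {}, body: `handled ${method}` };
}

// Constructed sample requests showing both layers of the check.
const samples = [
  { method: "get", headers: {} },
  { method: "trace", headers: { Cookie: "session=constructed-value" } },
  { method: "PATCH", headers: {} },
];
for (const req of samples) {
  console.log(req.method, "browser would reject:", isForbiddenMethod(req.method),
              "server responds:", decideRequest(req).status);
}
```

Run with `node`. The lesson of the bug is the split between the two checks: the browser-side rule protects users of a browser that implements it correctly, while the 405 from `decideRequest` protects the server's users whatever client reaches it, so disabling TRACE at the origin remains the durable mitigation.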

I'm sorry, I don't understand what you are reporting here. Is this a distinct issue from bug 1790311? Are you saying that bug 1790311 is incomplete or that there is some other issue? Thanks.

Flags: needinfo?(martin.oneal)

Ah, looks like a misunderstanding. I was looking to register the issue for a bug bounty, and the web site said I needed to fill in a form, which generated a second ticket. Probably needs amending for clarity!

It's a duplicate so good to close.

Flags: needinfo?(martin.oneal)

Thanks for the explanation.

Status: UNCONFIRMED → RESOLVED
Closed: 2 years ago
Duplicate of bug: CVE-2022-45411
Resolution: --- → DUPLICATE
Group: network-core-security → core-security-release
Flags: sec-bounty? → sec-bounty-
Group: core-security-release