Closed Bug 862486 Opened 11 years ago Closed 11 years ago

Possible vulnerability when checking origin on user/create API call

Categories

(Webmaker Graveyard :: Login, defect)

x86
macOS
defect
Not set
normal

Tracking

(Not tracked)

RESOLVED INVALID

People

(Reporter: sedge, Unassigned)

Details

When comparing the origin of the "user/create" API request to the list of allowed origins, we realized that someone could spoof the origin by changing the header on their request and possibly make trouble.

Is this a valid concern?
Flags: needinfo?(jon)
Flags: needinfo?(david.humphrey)
For a cross-origin request, the spec does not allow the "Origin" header to be overridden by the developer, so you don't need to worry about this attack vector: http://www.w3.org/TR/cors/#source-origin-0
Status: NEW → RESOLVED
Closed: 11 years ago
Flags: needinfo?(jon)
Flags: needinfo?(david.humphrey)
Resolution: --- → INVALID
:jbuck - Perhaps I'm not understanding the terminology involved. Couldn't the client modify that part of the header before sending it to the server?