Can the Origin header have alphabetical port or parameters in a real-life scenario?

I'm testing this application which is properly validating the Origin header on the server side. However, if I add any domain and the expected domain as the port, the application still considers this valid:

Origin: https://random-domain.com:expected-domain.com

This is also valid:

Origin: https://random-domain.com?expected.domain.com

I'm doing all this from my intercepting proxy, but in the real world the Origin header can't have parameters, fragments or alphabetical ports (numeric ports are possible though). Is there a solution for this? I'm looking for a solution to bypass this and send an arbitrary Origin header value and still get a successful response.