2015-12-06 Артем Зиненко - Что делать, если браузеры клиентов действуют против них?
•
0 likes•246 views
This document discusses common browser vulnerabilities that can allow hackers to access user data. It covers topics like cross-site scripting (XSS), cross-site request forgery (CSRF), unvalidated redirects, clickjacking, and cross-origin resource sharing (CORS) configuration issues. The document provides examples of how these vulnerabilities can be exploited, such as hijacking user sessions after login or changing user account details without consent. Proper validation of user input and access controls are necessary to prevent unauthorized access to user data and accounts.
More Related Content
What's hot
What's hot (6)
Viewers also liked
Viewers also liked (17)
Similar to 2015-12-06 Артем Зиненко - Что делать, если браузеры клиентов действуют против них?
Similar to 2015-12-06 Артем Зиненко - Что делать, если браузеры клиентов действуют против них? (20)
More from HappyDev
More from HappyDev (20)
Recently uploaded
Recently uploaded (20)
2015-12-06 Артем Зиненко - Что делать, если браузеры клиентов действуют против них?
- 4. ПЛАН
- 11. site.com
- 17. CROSS ORIGIN RESOURCE SHARING
- 21. var r = new XMLHttpRequest(); r.open('GET', ‘http://site2.com’, true); r.send();
- 22. GET / HTTP/1.1 Host: site2.com Origin: http://site1.com/
- 24. var r = new XMLHttpRequest(); r.open('GET', ‘http:// site2.com’, true); r.withCredentials = true; r.send();
- 25. GET / HTTP/1.1 Host: site2.com Origin: http://site1.com/ Cookie: token=ab7…
- 26. HTTP/1.1 200 OK Access-Control-Allow- Origin: http:// site1.com Access-Control-Allow- Credentials: true [Data]
- 28. var r = new XMLHttpRequest(); r.open('POST', ‘http:// site2.com’, true); r.setRequestHeader(‘Content- Type’,'application/json'); r.setRequestHeader('X-HEADER', 'lalala'); r.send(data);
- 29. OPTIONS / HTTP/1.1 Host: site2.com Origin: http://site1.com/ Access-Control-Request- Method: POST Access-Control-Request- Headers: X-HEADER
- 30. HTTP/1.1 200 OK Access-Control-Allow-Origin: http://site1.com Access-Control-Allow- Methods: POST, GET, OPTIONS Access-Control-Allow- Headers: X-HEADER
- 31. POST / HTTP/1.1 Host: site2.com Origin: http://site1.com/ X-HEADER: lalala Content-Type: application/json [Data]
- 34. Cross-origin reads var r = new XMLHttpRequest(); r.open('GET', ‘http:// site2.com’, true); r.withCredentials = true; r.send();
- 35. Cross-origin writes var c = new XMLHttpRequest(); c.withCredentials = true; c.open("POST", ...); c.setRequestHeader("Content- Type", “...”); c.send(...);
- 37. Bad CORS
- 39. HACKED
- 40. CHANGE PASSWORD
- 45. GET evil.com
- 46. GET evil.com
- 47. <form method=“POST” action=“http:// service.com/profile”> <input type=“hidden” name=“name” value=“email@evil.com” /> <input type=“hidden” name=“password” value=“78330…” /> <input type=“hidden” name=“retypedPassword” value=“2c84…” /> </form>
- 48. <form method=“POST” action=“http://service.com/profile”> <input type=“hidden” name=“name” value=“art”/> <input type=“hidden” name=“password” value=“78330…”/> <input type=“hidden” name=“retypedPassword” value=“2c84…”/> </form>
- 50. POST /profile name, password GET evil.com
- 51. HACKED
- 53. CHANGE EMAIL
- 59. PASSWORD???
- 61. HACKED
- 65. HTTP/1.1 302 Found Location: https:// qqq.site.com/ Set-Cookie:token=djnD…; domain=.site.com;
- 67. HTTP/1.1 302 Found Location: https:// qqq-site.com/? token=djnD…
- 68. HACKED