Web Application Penetration Testing Tutorial For Beginners
What is Cross-Origin Resource Sharing (CORS) Vulnerability in Web API?
Cross-Origin Resource Sharing (CORS) Definition
CORS stands for cross-origin resource sharing. It is a web-based mechanism that controls access to resources hosted outside a specific domain. Its main benefit is that it extends and adds flexibility to the same-origin policy (SOP).
Testing for CORS Vulnerability
To test cross-origin resource sharing (CORS), you can use a tool such as the OWASP Zed Attack Proxy Project, which lets you intercept HTTP headers. Pay attention to the Origin header to understand which domains are allowed.
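The header review described above, as an added example that is not part of the original tutorial: a Python function that takes the Origin sent in a request and the response headers captured in the proxy, and reports which CORS grants go beyond an allow-list. The names `TRUSTED` and `audit_cors`, the finding labels and the sample exchanges are assumptions constructed for illustration.

```python
# Added example: audit captured request/response header pairs for risky CORS grants.
# TRUSTED and SAMPLE_EXCHANGES are constructed values, not taken from a real API.
TRUSTED = {"https://app.example.com"}

def audit_cors(request_origin, response_headers, trusted=TRUSTED):
    """Return a list of finding labels for one captured exchange."""
    # Header names are case-insensitive, so normalise them before lookup.
    h = {k.lower(): v.strip() for k, v in response_headers.items()}
    acao = h.get("access-control-allow-origin")
    # The credentials header only takes effect with the exact value "true".
    creds = h.get("access-control-allow-credentials") == "true"
    if acao is None or acao in trusted:
        return []  # no grant, or a grant to an allow-listed origin
    if acao == "*":
        findings = ["wildcard-origin"]
        if creds:
            # Browsers refuse this pair, but it signals a confused policy.
            findings.append("wildcard-with-credentials")
        return findings
    if acao == "null":
        findings = ["null-origin-allowed"]
    elif acao == request_origin:
        findings = ["untrusted-origin-reflected"]
    else:
        findings = ["unlisted-origin-allowed"]
    if creds:
        findings.append("credentials-for-untrusted-origin")
    return findings

# Constructed sample exchanges: (Origin sent, response headers observed).
SAMPLE_EXCHANGES = {
    "trusted": ("https://app.example.com",
                {"Access-Control-Allow-Origin": "https://app.example.com",
                 "Access-Control-Allow-Credentials": "true"}),
    "reflected": ("https://untrusted.example",
                  {"access-control-allow-origin": "https://untrusted.example",
                   "access-control-allow-credentials": "true"}),
    "wildcard": ("https://untrusted.example",
                 {"Access-Control-Allow-Origin": "*"}),
    "no-cors": ("https://untrusted.example", {"Content-Type": "application/json"}),
}

def audit_all(exchanges=SAMPLE_EXCHANGES):
    """Map each exchange label to its findings."""
    return {name: audit_cors(o, hdrs) for name, (o, hdrs) in exchanges.items()}

if __name__ == "__main__":
    for name, findings in audit_all().items():
        print(f"{name}: {findings or 'ok'}")
```

An empty list means the response either grants nothing cross-origin or grants only to an origin on the allow-list; any other result is a policy to tighten on the server side.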
Test your knowledge with a quick quiz!
Which header is mostly used for testing CORS?