As I mentioned in the CORS: Attack scenarios and the CORS: Attacker Model posts, I held the presentation about the security of CORS at the Hacktivity conference in Budapest. The presentation slides can be downloaded from here. If you have any questions to the topic, then let me know.
I was preparing myself for the Hacktivity conference in Budapest, where I talked about the security of the Cross-Origin Resource Sharing (CORS). As part of the preparation I summarised my thoughts in a couple of blog posts. This is one of them.
As a follow up of my previous post, I would like to continue with the short analysis of the threats and attack scenarios which could exploit CORS.
Recently I wanted to do a Cross Site Request Forgery Proof-of-Concept for a file upload functionality. As you might know it is not necessarily as easy as simple form CSRFs. Continue reading