x/web-app-template
Archived
Template
2
0
Fork 0
Code Issues 13 Pull Requests 4 Actions Packages Activity

Cross Site Leaks (XS-Leaks) #273

New Issue
Closed
opened 2024-11-23 11:47:56 +00:00 by tim · 1 comment
tim commented 2024-11-23 11:47:56 +00:00
Owner
Copy Link

Cross-site leaks Cheat

This Attack aims to gather information from a user by e.g. embedding the site in an iframe and then try to extract information.

[Cross-site leaks Cheat](https://cheatsheetseries.owasp.org/cheatsheets/XS_Leaks_Cheat_Sheet.html) This Attack aims to gather information from a user by e.g. embedding the site in an iframe and then try to extract information.
tim added this to the security milestone 2024-11-23 11:47:56 +00:00
tim commented 2024-11-23 11:49:15 +00:00
Author
Owner
Copy Link

I'm using "SameSite" for the authentication Cookie

  • Using "SameSite" for cookies
  • disable frame-ancestors
  • filter sec-fetch-site
  • corp header
  • coop header
I'm using "SameSite" for the authentication Cookie - [x] Using "SameSite" for cookies - [x] disable frame-ancestors - [x] filter sec-fetch-site - [x] corp header - [x] coop header
tim closed this issue 2024-11-23 20:35:02 +00:00
This repo is archived. You cannot comment on issues.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
blocker
fun
medium
minor
No Label
Milestone
No items
No Milestone security
Assignees
Clear assignees
renovate tim
No Assignees
1 Participants
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: x/web-app-template#273
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?