Some browsers like Chrome and Safari don't allow cross-origin requests because users have to respect the same-origin security policy. But what are the real risks of allowing this? I mean, what kind of attack would a hacker be able to perform without the same-origin security policy?
1 Answer
Well, actually all browsers comply with the same-origin policy. The reason for it is that if the policy didn't apply, upon visiting an evil site, that site would essentially control your browser and could make use of any active sessions, cookies, etc. You would be able to make AJAX requests to any website the person is logged in to, using his session, and perform virtually any task you'd like. You could also make requests to different ports, which again could be abused, used to make zombies, and hundreds of other things more creative people would think of...
Essentially the integrity of all your sessions would be gone upon visiting any site.
I would suggest reading this for a detailed explanation of the issue.

cyber-guard
- What do you mean by "used to make zombies"? I'm not a security expert :) Thanks! – Jennifer Vandoni Sep 23 '13 at 14:19
- OK, so zombies (the technique used is also often called XSS shell, XSS tunnel) is essentially a piece of JS code that will force the victim's browser to connect back to you (normally you set up a small server; it can be run from your computer or a small VPS), and from there on you have a tunnel between you and the victim (he becomes a zombie...) whereby you are able to execute JS of your liking on the remote browser, do all kinds of stuff, and also use the victim's browser to proxy your HTTP traffic; so yeah, that's in short what I meant by zombies – cyber-guard Sep 24 '13 at 20:56
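
As an added example (not part of the original question, answer or comments), here is a simplified JavaScript model of the decision a browser makes under the same-origin policy: whether a page's script may read the response to a request, including the "different ports" case the answer mentions. The function names and the `.example` hostnames are hypothetical, and the CORS handling covers only the two response headers shown.

```javascript
// Added illustration: a simplified model of the browser's check, not browser source code.
// An origin is the (scheme, host, port) triple; URL.origin normalizes default ports.
function sameOrigin(a, b) {
  const oa = new URL(a).origin;
  const ob = new URL(b).origin;
  // Opaque origins (e.g. data: URLs) serialize to "null" and never match anything.
  if (oa === "null" || ob === "null") return false;
  return oa === ob;
}

// May script running on pageUrl read the response to its request for targetUrl?
// responseHeaders uses lower-cased header names; withCredentials means the
// user's cookies were attached to the request.
function canReadResponse(pageUrl, targetUrl, responseHeaders = {}, withCredentials = false) {
  if (sameOrigin(pageUrl, targetUrl)) return true;
  const pageOrigin = new URL(pageUrl).origin;
  const allowOrigin = responseHeaders["access-control-allow-origin"];
  if (allowOrigin === undefined) return false; // server did not opt in: read is blocked
  if (withCredentials) {
    // With cookies attached, a wildcard is not accepted; the server must name
    // the exact origin and explicitly allow credentials.
    return allowOrigin === pageOrigin &&
      responseHeaders["access-control-allow-credentials"] === "true";
  }
  return allowOrigin === "*" || allowOrigin === pageOrigin;
}

// Constructed sample cases (placeholder hostnames).
const cases = [
  ["https://bank.example/home", "https://bank.example:443/api", {}, true],
  ["https://bank.example/home", "https://bank.example:8443/api", {}, true],
  ["https://other.example/", "https://bank.example/api", {}, true],
  ["https://other.example/", "https://bank.example/api",
    { "access-control-allow-origin": "*" }, true],
  ["https://app.example/", "https://bank.example/api",
    { "access-control-allow-origin": "https://app.example",
      "access-control-allow-credentials": "true" }, true],
];
for (const [page, target, headers, creds] of cases) {
  console.log(`${page} -> ${target}: readable=${canReadResponse(page, target, headers, creds)}`);
}
```

The model covers reading responses only: the same-origin policy does not by itself stop a cross-origin request from being sent, which is why state-changing endpoints also need their own request-forgery protection.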