What is Origin URL when making HttpRequests from Visual Studio Unit Tests?

Asked Nov 05 '18 at 19:32

Active Nov 05 '18 at 19:32

Viewed 26 times

I am using Visual Studio 2017 to run an integration test (TestMethod) to make read requests to a service.

The issue is that the service has Access-Control-Allow-Origin security implemented, meaning that it only allows the requests if the sender's url (i.e. origin) is specified/recognized by the service.

Question

How can i find out what the origin url when running unit tests from Visual Studio?

asked Nov 05 '18 at 19:32

AlvinfromDiaspar

6,611
13
75
140

I think `Origin` is not set in those requests. Also you should not use the `Origin` or `Referer` headers for authorization, because an attacker can send any value, including the ones accepted. The purpose of the same origin policy from this point of view is mostly to prevent CSRF, not access control. – Gabor Lengyel Nov 05 '18 at 21:49
1

The origin header is just one of many security checks that we do. It's not for authorization as you've mentioned. – AlvinfromDiaspar Nov 06 '18 at 18:52

What is Origin URL when making HttpRequests from Visual Studio Unit Tests?

0 Answers0