Security Implications of Cross-Origin Resource Sharing - HTML5 and CORS Analysis
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore the security implications of Cross-Origin Resource Sharing (CORS) in HTML5 through this in-depth conference talk from AppSecEU 2014. Delve into how CORS allows websites to load resources from other domains, even in restricted environments, using browser-saved authentication tokens. Examine the effects on various Internet actors, new trust relationships, and the breaking of same-origin policy. Learn about CORS functionality, its predecessor JSON-P, and conduct a threat analysis to understand its impact on traditional XmlHttpRequests. Discover how CORS introduces new attack vectors and transforms well-known attacks like Cross-Site Request Forgery and Cross-Site Tracing. Witness live demonstrations of these security risks and gain insights into mitigating them. Acquire knowledge on properly handling CORS and building secure web applications that leverage its features without compromising user data.
Syllabus
Gergely Revay - Security Implications of Cross-Origin Resource Sharing
Taught by
OWASP Foundation
Related Courses
Web-Engineering I: Grundlagen der Web-Entwicklungiversity Web Engineering II: Developing Mobile HTML5 Apps
Technische Hochschule Mittelhessen via iversity Desarrollo de Aplicaciones en HTML5 y para Dispositivos Móviles Firefox O.S.
Miríadax Web Engineering III: Quality Assurance
Technische Hochschule Mittelhessen via iversity Information and Communication Technology (ICT) Accessibility
Georgia Institute of Technology via Coursera