# Permissive Cross-domain Policy with Untrusted Domains (CWE-942)

The product uses a cross-domain policy file that includes domains that should not be trusted.

**Stack:** Go

- Prevalence: High, frequently exploited
- Impact: High, 1 high-severity rule
- Prevention: Documented, 9 fix examples

**OWASP:** Security Misconfiguration (A05:2021-Security Misconfiguration) - #5

## Description

A cross-domain policy file specifies the permissions a web client has when handling data across multiple domains. When overly permissive settings are used, malicious sites can abuse these permissions to read sensitive data or perform unauthorized actions on behalf of the user.

## Prevention

### Go

- Configure specific allowed origins in Chi CORS middleware
- Configure specific allowed origins in Echo CORS middleware
- Configure specific allowed origins in Fiber CORS middleware

## Warning Signs

- [MEDIUM] Gin CORS middleware configured with wildcard origin
- [MEDIUM] CORS policy allows untrusted origins

## Consequences

- Read application data
- Bypass protection mechanism
- Modify application data

## Mitigations

- Review access policies carefully and restrict the domains listed in the cross-domain policy file
- Do not use wildcards (*) to allow all domains
- Check CORS headers and restrict them to trusted origins only

## Detection

- Total rules: 9
- Languages: python, go

## Rules by Language

### Go (5 rules)

- **Chi Permissive CORS** [MEDIUM]: Wildcard CORS allows any origin to access resources.
  - Remediation: Specify allowed origins instead of wildcard.

```go
// go-chi/cors: list exact origins instead of "*"
r.Use(cors.Handler(cors.Options{
	AllowedOrigins: []string{
		"https://example.com",
		"https://app.example.com",
	},
}))
```

Learn more: https://shoulder.dev/learn/go/cwe-942/cors

- **Echo Permissive CORS** [MEDIUM]: Wildcard CORS allows any origin to access resources.
  - Remediation: Specify allowed origins instead of wildcard.

```go
// Echo middleware: list exact origins instead of "*"
e.Use(middleware.CORSWithConfig(middleware.CORSConfig{
	AllowOrigins: []string{
		"https://example.com",
		"https://app.example.com",
	},
}))
```

Learn more: https://shoulder.dev/learn/go/cwe-942/cors

- **Fiber Permissive CORS** [MEDIUM]: Wildcard CORS allows any origin to access resources.
  - Remediation: Specify allowed origins instead of wildcard.

```go
// Fiber CORS config: comma-separated list of exact origins instead of "*"
app.Use(cors.New(cors.Config{
	AllowOrigins: "https://example.com,https://app.example.com",
}))
```

Learn more: https://shoulder.dev/learn/go/cwe-942/cors

- **Gin Permissive CORS** [MEDIUM]: Wildcard CORS allows any origin to access resources.
  - Remediation: Specify allowed origins instead of wildcard.

```go
// gin-contrib/cors: start from the default config and replace the origin list
config := cors.DefaultConfig()
config.AllowOrigins = []string{
	"https://example.com",
	"https://app.example.com",
}
r.Use(cors.New(config))
```

Learn more: https://shoulder.dev/learn/go/cwe-942/cors

- **Permissive CORS Configuration** [MEDIUM]: CORS allows wildcard origin or reflects Origin header without validation.
  - Remediation: Whitelist specific allowed origins instead of using wildcards.

```go
// Plain net/http: echo the Origin header only after it matched the allowlist
allowedOrigins := map[string]bool{
	"https://app.example.com": true,
}
origin := r.Header.Get("Origin")
if allowedOrigins[origin] {
	w.Header().Set("Access-Control-Allow-Origin", origin)
}
```

Learn more: https://shoulder.dev/learn/go/cwe-942/permissive-cors
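The last rule above and the Mitigations section both come down to one check: echo an Origin value only after it matched an exact allowlist. The following is an added example (not shoulder.dev's code) of a complete plain `net/http` middleware that does this, with the normalization step that keeps the lookup exact and with a `Vary: Origin` header for caches; the allowlist values and the `allowOriginFor` test helper are constructed for this example.

```go
package main

import (
	"net/http"
	"net/http/httptest"
	"net/url"
	"strings"
)

// Exact-origin allowlist (scheme://host[:port]); values are constructed for this example.
var allowedOrigins = map[string]bool{"https://example.com": true, "https://app.example.com": true}

// normalizeOrigin lowercases scheme and host and rejects anything that is not a bare origin.
func normalizeOrigin(origin string) (string, bool) {
	u, err := url.Parse(origin)
	if err != nil || u.Scheme == "" || u.Host == "" || u.Path != "" || u.RawQuery != "" || u.User != nil {
		return "", false
	}
	return strings.ToLower(u.Scheme) + "://" + strings.ToLower(u.Host), true
}

// originAllowed returns the value that is safe to echo in Access-Control-Allow-Origin.
// A map lookup (not HasPrefix/Contains) refuses look-alikes such as app.example.com.evil.test.
func originAllowed(origin string) (string, bool) {
	norm, ok := normalizeOrigin(origin)
	return norm, ok && allowedOrigins[norm]
}

// CORS sets CORS headers only for allowlisted origins: never "*", never an unchecked reflection.
func CORS(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		w.Header().Add("Vary", "Origin") // the response depends on Origin; tell caches
		if allow, ok := originAllowed(r.Header.Get("Origin")); ok {
			w.Header().Set("Access-Control-Allow-Origin", allow)
			w.Header().Set("Access-Control-Allow-Credentials", "true")
		}
		if r.Method == http.MethodOptions { // preflight: answer before the app handler runs
			w.WriteHeader(http.StatusNoContent)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// allowOriginFor runs one GET through the middleware and returns the header a browser would see.
func allowOriginFor(origin string) string {
	h := CORS(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { w.WriteHeader(200) }))
	req := httptest.NewRequest(http.MethodGet, "/api/data", nil)
	req.Header.Set("Origin", origin)
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, req)
	return rec.Header().Get("Access-Control-Allow-Origin")
}
```

A denied origin gets no `Access-Control-Allow-Origin` header at all, which is what the detection rules above expect instead of a wildcard or a reflected value.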