# Permissive Cross-domain Policy with Untrusted Domains (CWE-942)

The product uses a cross-domain policy file that includes domains that should not be trusted.

**Stack:** Go

- Prevalence: Élevée Fréquemment exploitée
- Impact: Élevé 1 règles de sévérité élevée
- Prevention: Documentée 9 exemples de correctifs

**OWASP:** Security Misconfiguration (A05:2021-Security Misconfiguration) - #5

## Description

A cross-domain policy file specifies the permissions for a web client to handle data across multiple domains. When overly permissive settings are used, malicious sites can abuse these permissions to access sensitive data or perform unauthorized actions on behalf of the user.

## Prevention

### Go

Configure specific allowed origins in Chi CORS middleware

Configure specific allowed origins in Echo CORS middleware

Configure specific allowed origins in Fiber CORS middleware

## Warning Signs

- [MEDIUM] Gin CORS middleware configured with wildcard origin
- [MEDIUM] CORS policy allows untrusted origins

## Consequences

- Lecture des données de l'application
- Contourner le mécanisme de protection
- Modification des données de l'application

## Mitigations

- Évaluez soigneusement les politiques d'accès et limitez les domaines dans le fichier de politique inter-domaines
- N'utilisez pas de jokers (*) pour autoriser tous les domaines
- Examinez et restreignez les en-têtes CORS aux seules origines de confiance

## Detection

- Total rules: 9
- Languages: python, go

## Rules by Language

### Go (5 rules)

- **Chi Permissive CORS** [MEDIUM]: Wildcard CORS allows any origin to access resources.
  - Remediation: Specify allowed origins instead of wildcard.

```go
r.Use(cors.Handler(cors.Options{
    AllowedOrigins: []string{
        "https://example.com",
        "https://app.example.com",
    },
}))
```

Learn more: https://shoulder.dev/learn/go/cwe-942/cors
- **Echo Permissive CORS** [MEDIUM]: Wildcard CORS allows any origin to access resources.
  - Remediation: Specify allowed origins instead of wildcard.

```go
e.Use(middleware.CORSWithConfig(middleware.CORSConfig{
    AllowOrigins: []string{
        "https://example.com",
        "https://app.example.com",
    },
}))
```

Learn more: https://shoulder.dev/learn/go/cwe-942/cors
- **Fiber Permissive CORS** [MEDIUM]: Wildcard CORS allows any origin to access resources.
  - Remediation: Specify allowed origins instead of wildcard.

```go
app.Use(cors.New(cors.Config{
    AllowOrigins: "https://example.com,https://app.example.com",
}))
```

Learn more: https://shoulder.dev/learn/go/cwe-942/cors
- **Gin Permissive CORS** [MEDIUM]: Wildcard CORS allows any origin to access resources.
  - Remediation: Specify allowed origins instead of wildcard.

```go
config := cors.DefaultConfig()
config.AllowOrigins = []string{
    "https://example.com",
    "https://app.example.com",
}
r.Use(cors.New(config))
```

Learn more: https://shoulder.dev/learn/go/cwe-942/cors
- **Permissive CORS Configuration** [MEDIUM]: CORS allows wildcard origin or reflects Origin header without validation.
  - Remediation: Whitelist specific allowed origins instead of using wildcards.

```go
allowedOrigins := map[string]bool{
    "https://app.example.com": true,
}

origin := r.Header.Get("Origin")
if allowedOrigins[origin] {
    w.Header().Set("Access-Control-Allow-Origin", origin)
}
```

Learn more: https://shoulder.dev/learn/go/cwe-942/permissive-cors