# Permissive Cross-domain Policy with Untrusted Domains (CWE-942)

The product uses a cross-domain policy file that includes domains that should not be trusted.

**Stack:** Go

- Prevalence: 높음 자주 악용됨
- Impact: 높음 1개의 높은 심각도 규칙
- Prevention: 문서화됨 9개의 수정 예시

**OWASP:** Security Misconfiguration (A05:2021-Security Misconfiguration) - #5

## Description

A cross-domain policy file specifies the permissions for a web client to handle data across multiple domains. When overly permissive settings are used, malicious sites can abuse these permissions to access sensitive data or perform unauthorized actions on behalf of the user.

## Prevention

### Go

Configure specific allowed origins in Chi CORS middleware

Configure specific allowed origins in Echo CORS middleware

Configure specific allowed origins in Fiber CORS middleware

## Warning Signs

- [MEDIUM] Gin CORS middleware configured with wildcard origin
- [MEDIUM] CORS policy allows untrusted origins

## Consequences

- 애플리케이션 데이터 읽기
- 보호 메커니즘 우회
- 애플리케이션 데이터 수정

## Mitigations

- 접근 정책을 신중히 검토하고 cross-domain 정책 파일에서 도메인을 제한하세요
- 모든 도메인을 허용하기 위해 와일드카드(*)를 사용하지 마세요
- CORS 헤더를 검토하고 신뢰할 수 있는 출처에만 허용하세요

## Detection

- Total rules: 9
- Languages: python, go

## Rules by Language

### Go (5 rules)

- **Chi Permissive CORS** [MEDIUM]: Wildcard CORS allows any origin to access resources.
  - Remediation: Specify allowed origins instead of wildcard.

```go
r.Use(cors.Handler(cors.Options{
    AllowedOrigins: []string{
        "https://example.com",
        "https://app.example.com",
    },
}))
```

Learn more: https://shoulder.dev/learn/go/cwe-942/cors
- **Echo Permissive CORS** [MEDIUM]: Wildcard CORS allows any origin to access resources.
  - Remediation: Specify allowed origins instead of wildcard.

```go
e.Use(middleware.CORSWithConfig(middleware.CORSConfig{
    AllowOrigins: []string{
        "https://example.com",
        "https://app.example.com",
    },
}))
```

Learn more: https://shoulder.dev/learn/go/cwe-942/cors
- **Fiber Permissive CORS** [MEDIUM]: Wildcard CORS allows any origin to access resources.
  - Remediation: Specify allowed origins instead of wildcard.

```go
app.Use(cors.New(cors.Config{
    AllowOrigins: "https://example.com,https://app.example.com",
}))
```

Learn more: https://shoulder.dev/learn/go/cwe-942/cors
- **Gin Permissive CORS** [MEDIUM]: Wildcard CORS allows any origin to access resources.
  - Remediation: Specify allowed origins instead of wildcard.

```go
config := cors.DefaultConfig()
config.AllowOrigins = []string{
    "https://example.com",
    "https://app.example.com",
}
r.Use(cors.New(config))
```

Learn more: https://shoulder.dev/learn/go/cwe-942/cors
- **Permissive CORS Configuration** [MEDIUM]: CORS allows wildcard origin or reflects Origin header without validation.
  - Remediation: Whitelist specific allowed origins instead of using wildcards.

```go
allowedOrigins := map[string]bool{
    "https://app.example.com": true,
}

origin := r.Header.Get("Origin")
if allowedOrigins[origin] {
    w.Header().Set("Access-Control-Allow-Origin", origin)
}
```

Learn more: https://shoulder.dev/learn/go/cwe-942/permissive-cors