BETA Shoulder jest w wersji beta — Wyniki mogą czasami być błędne. Twoja opinia kształtuje to, co naprawimy w następnej kolejności. Podziel się opinią
Shoulder.dev

Platforma Bezpieczenstwa dla Programistow
🔒

Permissive Cross-domain Policy with Untrusted Domains

🛡️ 9 reguł wykrywa to

Permissive Cross-domain Policy with Untrusted Domains

The product uses a cross-domain policy file that includes domains that should not be trusted.

A cross-domain policy file specifies the permissions for a web client to handle data across multiple domains. When overly permissive settings are used, malicious sites can abuse these permissions to access sensitive data or perform unauthorized actions on behalf of the user.

Rozpowszechnienie
Wysoka
Często wykorzystywana
Wplyw
Wysoki
1 reguł o wysokim poziomie
Zapobieganie
Udokumentowane
9 przykładów poprawek
2 Zapobieganie
2 Zapobieganie

Jak naprawić tę podatność

🐍 Python Zobacz wszystko Python szczegóły →
FastAPI CORS Misconfiguration MEDIUM

Restrict CORS to specific trusted origins instead of wildcard '*'

+3 -3 python 
  from fastapi import FastAPI
  from fastapi.middleware.cors import CORSMiddleware
  
  app = FastAPI()
  app.add_middleware(
      CORSMiddleware,
-     allow_origins=["*"],
-     allow_credentials=True,
-     allow_methods=["*"],
+     allow_origins=["https://example.com", "https://app.example.com"],
+     allow_credentials=True,
+     allow_methods=["GET", "POST"],
  )
Flask CORS Misconfiguration MEDIUM

Restrict Flask-CORS to specific trusted origins instead of wildcard '*'

+6 -1 python 
  from flask import Flask
  from flask_cors import CORS
  
  app = Flask(__name__)
- CORS(app, resources={r"/api/*": {"origins": "*"}})
+ CORS(app, resources={
+     r"/api/*": {
+         "origins": ["https://example.com", "https://app.example.com"],
+         "supports_credentials": True
+     }
+ })
CORS Regex Bypass Vulnerability HIGH

Use exact string matching against an allowlist instead of regex for origin validation

+9 -7 python 
- import re
- from flask import request
- 
- @app.after_request
- def cors(response):
-     origin = request.headers.get('Origin', '')
-     if re.match(r'.*example\.com', origin):
+ ALLOWED_ORIGINS = {
+     "https://app.example.com",
+     "https://api.example.com",
+ }
+ 
+ @app.after_request
+ def cors(response):
+     origin = request.headers.get('Origin', '')
+     if origin in ALLOWED_ORIGINS:
          response.headers['Access-Control-Allow-Origin'] = origin
      return response
🐹 Go Zobacz wszystko Go szczegóły →
Chi Permissive CORS MEDIUM

Configure specific allowed origins in Chi CORS middleware

+2 -1 go 
  package main
  
  import (
      "github.com/go-chi/chi/v5"
      "github.com/go-chi/cors"
  )
  
  func main() {
      r := chi.NewRouter()
      r.Use(cors.Handler(cors.Options{
-         AllowedOrigins: []string{"*"},
+         AllowedOrigins:   []string{"https://example.com"},
+         AllowCredentials: true,
      }))
  }
Echo Permissive CORS MEDIUM

Configure specific allowed origins in Echo CORS middleware

+5 -1 go 
  package main
  
  import (
      "github.com/labstack/echo/v4"
      "github.com/labstack/echo/v4/middleware"
  )
  
  func main() {
      e := echo.New()
      e.Use(middleware.CORSWithConfig(middleware.CORSConfig{
-         AllowOrigins: []string{"*"},
+         AllowOrigins: []string{
+             "https://example.com",
+             "https://app.example.com",
+         },
+         AllowCredentials: true,
      }))
      e.Start(":8080")
  }
Fiber Permissive CORS MEDIUM

Configure specific allowed origins in Fiber CORS middleware

+2 -1 go 
  package main
  
  import (
      "github.com/gofiber/fiber/v2"
      "github.com/gofiber/fiber/v2/middleware/cors"
  )
  
  func main() {
      app := fiber.New()
      app.Use(cors.New(cors.Config{
-         AllowOrigins: "*",
+         AllowOrigins:     "https://example.com,https://app.example.com",
+         AllowCredentials: true,
      }))
      app.Listen(":3000")
  }
3 Wykrywanie
3 Wykrywanie

Znajdz podatnosci w swoim kodzie

Uzyj Shoulder do skanowania kodu w poszukiwaniu wzorcow Permissive Cross-domain Policy with Untrusted Domains. 9 reguly.

terminal
# Scan with Shoulder CLI
npx @shoulderdev/cli trust --cwe=942

# Or scan entire project
npx @shoulderdev/cli trust .

Reguly Wykrywania (9)

4 Sygnaly Ostrzegawcze
4 Sygnaly Ostrzegawcze

Na co zwracac uwage podczas przegladu kodu

Te wzorce wskazuja na potencjalne podatnosci Permissive Cross-domain Policy with Untrusted Domains. Szukaj ich podczas przegladow kodu i audytow bezpieczenstwa.

🟠
CORS validation uses weak pattern matching that can be bypassed python-cors-regex-bypass
🟠
CORS implementations using weak regex patterns, prefix/suffix matching, or substring checks that can python-cors-regex-bypass
🟡
FastAPI uses CORSMiddleware with allow_origins=['*'] and allow_credentials=True fastapi-cors-misconfiguration
🟡
overly permissive CORS configuration in FastAPI applications fastapi-cors-misconfiguration
🟡
Flask application uses CORS(*, supports_credentials=True) which allows any origin to make authenticated requests flask-cors-misconfiguration
🟡
Gin CORS middleware configured with wildcard origin go-gin-permissive-cors
🟡
CORS policy allows untrusted origins go-permissive-cors
🟡
overly permissive CORS (Cross-Origin Resource Sharing) configurations that allow any origin (*) with python-cors-misconfiguration
🔍

Przeskanuj swój kod w poszukiwaniu Permissive Cross-domain Policy with Untrusted Domains

Shoulder CLI znajduje podatne wzorce w całym Twoim kodzie.

npx shoulder trust Przeglądaj wszystkie reguły