BIN: analyse-headers: Checks the access-control-allow-origin header

Another suggestion by <Dom Ingram>.

For more details on the null issue, read here:
https://w3c.github.io/webappsec-cors-for-developers/#avoid-returning-access-control-allow-origin-null
Jonathan Hodgson 4 years ago
parent 984298b29b
commit 41fd57310a
bin/.bin/webtest/analyse-headers (26 additions)

@ -361,6 +361,32 @@ information (sent via the Referer header) should be included with requests.\n\n"
fi fi
} }
test_access-control-allow-origin(){
local value
value="$(echo "$1" | cut -d ':' -f 2- | trimWhitespace)"
if [ "$value" = "*" ]; then
echo "Access-Control-Allow-Origin" | drawInBox
wecho "The Access-Control-Allow-Origin header indicates whether the \
response can be shared with requesting code from the given origin
The value was found to be * meaning any origin. This is not normally desirable.
\n"
return 1
elif echo "$value" | grep -q "null"; then
echo "Access-Control-Allow-Origin" | drawInBox
wecho "The Access-Control-Allow-Origin header indicates whether the \
response can be shared with requesting code from the given origin
The value was found to be null. the serialization of the Origin of any \
resource that uses a non-hierarchical scheme (such as data: or file: ) and \
sandboxed documents is defined to be \"null\". Many User Agents will grant \
such documents access to a response with an Access-Control-Allow-Origin: \
\"null\" header, and any origin can create a hostile document with a \"null\" \
Origin. The \"null\" value for the ACAO header should therefore be avoided.\n\n"
return 1
fi
return 0
}
usage(){ usage(){
echo -n "analyse-headers [OPTIONS]... URL echo -n "analyse-headers [OPTIONS]... URL
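Review bot: the `null` branch uses a substring match (`echo "$value" | grep -q "null"`) while the wildcard branch uses an exact comparison (`[ "$value" = "*" ]`); any allow-list origin whose host happens to contain the string "null" would be reported as the `null` weakness, so the second condition should be `elif [ "$value" = "null" ]; then` for an exact match. Also, the message in that branch reads "The value was found to be null. the serialization of the Origin", which should be "The serialization" after the full stop, and the explanatory first sentence ("The Access-Control-Allow-Origin header indicates whether the response can be shared ...") is duplicated verbatim in both branches and could be printed once before the `if`.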
