1 Matching Annotations
  1. Apr 2020
  2. www.moesif.com www.moesif.com
    Authoritative guide to CORS (Cross-Origin Resource Sharing) for REST APIs
    1
    1. alangnative 27 Apr 2020
      Without same-origin policy, that hacker website could make authenticated malicious AJAX calls to https://examplebank.com/api to POST /withdraw even though the hacker website doesn’t have direct access to the bank’s cookies.

      Cross-domain vulnerability

      cors websec infosec
    Visit annotations in context

    Tags

    Annotators

    URL

    moesif.com/blog/technical/cors/Authoritative-Guide-to-CORS-Cross-Origin-Resource-Sharing-for-REST-APIs/