
Commit

Acronym fix for CORS
RRudder committed Nov 29, 2023
1 parent 77ef813 commit 14211c7
Showing 2 changed files with 2 additions and 2 deletions.
@@ -1,6 +1,6 @@
# Recommendation(s)

To prevent CORS attacks the cross-origin requests need to be properly configured. This includes not using `null` and instead using a strict allow list of trusted sites in the `Access-Control-Allow-Origin` header. It is also good practice to not use wildcards (`*`) for internal networks, and include further server-side protections for sensitive data.
To prevent Cross-Origin Resource Sharing (CORS) attacks the cross-origin requests need to be properly configured. This includes not using `null` and instead using a strict allow list of trusted sites in the `Access-Control-Allow-Origin` header. It is also good practice to not use wildcards (`*`) for internal networks, and include further server-side protections for sensitive data.

For more information, please see:

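Review bot: On the reworded sentence, spelling out the acronym leaves "To prevent Cross-Origin Resource Sharing (CORS) attacks the cross-origin requests need to be properly configured" hard to parse: there is no comma after "attacks", and "cross-origin" now appears twice in one clause. Consider "To prevent attacks that abuse a Cross-Origin Resource Sharing (CORS) misconfiguration, cross-origin requests need to be properly configured." While this line is being touched, note that the wildcard advice is scoped to "internal networks" only; it would help to state whether `*` is acceptable anywhere else, since the same paragraph asks for a strict allow list in `Access-Control-Allow-Origin`.
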
@@ -1,4 +1,4 @@
# Unsafe Cross-Origin Resource Sharing
# Unsafe Cross-Origin Resource Sharing (CORS)

## Overview of the Vulnerability

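Review bot: The top-level heading text changes from "Unsafe Cross-Origin Resource Sharing" to "Unsafe Cross-Origin Resource Sharing (CORS)", so any link that targets this heading through an anchor generated from its text would stop resolving; check for such references before merging. With the acronym now defined in the title, the text under "Overview of the Vulnerability" can use "CORS" without expanding it again.
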