Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Security Implications of Cross-Origin Resource Sharing - HTML5 and CORS Analysis

OWASP Foundation via YouTube

Overview

Explore the security implications of Cross-Origin Resource Sharing (CORS) in HTML5 through this in-depth conference talk from AppSecEU 2014. Delve into how CORS allows websites to load resources from other domains, even in restricted environments, using browser-saved authentication tokens. Examine the effects on various Internet actors, new trust relationships, and the breaking of same-origin policy. Learn about CORS functionality, its predecessor JSON-P, and conduct a threat analysis to understand its impact on traditional XmlHttpRequests. Discover how CORS introduces new attack vectors and transforms well-known attacks like Cross-Site Request Forgery and Cross-Site Tracing. Witness live demonstrations of these security risks and gain insights into mitigating them. Acquire knowledge on properly handling CORS and building secure web applications that leverage its features without compromising user data.

Syllabus

Gergely Revay - Security Implications of Cross-Origin Resource Sharing

Taught by

OWASP Foundation

Reviews

Start your review of Security Implications of Cross-Origin Resource Sharing - HTML5 and CORS Analysis

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.