security header content checks should do something useful #8
Open
Description
The security header content checks currently only check for the existence of the header, which is next to useless. It'd be far better if they actually verified / checked the value/content of the header.
For example:
```ruby
{
  :type => "content",
  :name => "Access-Control-Allow-Origin Header",
  :match_type => :content_headers,
  :dynamic_result => lambda { |d|
    # only tests that the header exists; the value is ignored
    return true if _first_header_match d, /^Access-Control-Allow-Origin:.*/i;
    false
  },
  :dynamic_hide => lambda { |d| false },
  :dynamic_issue => lambda { |d| false },
  :paths => ["#{url}"]
},
```
and
```ruby
{
  :type => "content",
  :name => "X-Frame-Options Header",
  :match_type => :content_headers,
  :dynamic_result => lambda { |d|
    # same pattern: any value after the colon passes
    return true if _first_header_match d, /^x-frame-options:.*/i;
    false
  },
  :dynamic_hide => lambda { |d| false },
  :dynamic_issue => lambda { |d| false },
  :paths => ["#{url}"]
},
```
but the header could be `X-Frame-Options: kill all humans`.
In addition, many applications will not respond with a CORS header unless the client request contains an `Origin` header.
via @bcoles
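The kind of value-aware check the issue asks for, written as an added stand-alone example rather than the project's own check definitions. It assumes the response headers are available as an array of raw `Name: value` strings (the `_first_header_match` helper and `d` object used above are project-specific and not used here). The X-Frame-Options check accepts only the two values browsers honour, and the CORS check is evaluated against the `Origin` that was sent with the request, so a missing header with no `Origin` sent is reported as inconclusive rather than as a pass.

```ruby
# Added example, not part of the project's check definitions.
# Input: Array of raw "Name: value" response header lines.

X_FRAME_OPTIONS_OK = %w[DENY SAMEORIGIN].freeze

# Value of the first header whose name matches (case-insensitive), or nil.
def first_header_value(headers, name)
  pattern = /\A#{Regexp.escape(name)}\s*:\s*(.*)\z/i
  headers.each do |line|
    m = pattern.match(line.strip)
    return m[1].strip if m
  end
  nil
end

# X-Frame-Options: the header must exist AND carry a value a browser honours.
# ALLOW-FROM is obsolete and ignored by current browsers, so it is reported as weak.
def check_x_frame_options(headers)
  value = first_header_value(headers, 'X-Frame-Options')
  return { present: false, valid: false, issue: 'header missing' } if value.nil?
  return { present: true, valid: true, issue: nil } if X_FRAME_OPTIONS_OK.include?(value.upcase)
  { present: true, valid: false, issue: "unrecognised value #{value.inspect}" }
end

# Access-Control-Allow-Origin: judged against the Origin sent with the request.
# No Origin sent and no header returned tells us nothing, so say so instead of passing.
def check_cors_allow_origin(headers, request_origin: nil, trusted_origins: [])
  value = first_header_value(headers, 'Access-Control-Allow-Origin')
  if value.nil?
    return { present: false, valid: false, issue: 'no Origin sent; re-test with one' } if request_origin.nil?
    return { present: false, valid: true, issue: nil } # CORS not enabled for this origin
  end
  case
  when value == '*'
    { present: true, valid: false, issue: 'wildcard origin' }
  when value.casecmp?('null')
    { present: true, valid: false, issue: '"null" origin allowed' }
  when request_origin && value == request_origin && !trusted_origins.include?(request_origin)
    { present: true, valid: false, issue: "reflects untrusted origin #{request_origin}" }
  else
    { present: true, valid: true, issue: nil }
  end
end

# One findings hash for a captured response.
def evaluate_security_headers(headers, request_origin: nil, trusted_origins: [])
  {
    x_frame_options: check_x_frame_options(headers),
    cors_allow_origin: check_cors_allow_origin(headers, request_origin: request_origin,
                                                        trusted_origins: trusted_origins)
  }
end

if $PROGRAM_NAME == __FILE__
  # Constructed sample response, modelled on the issue's example; the origin is made up.
  sample = ['HTTP/1.1 200 OK',
            'X-Frame-Options: kill all humans',
            'Access-Control-Allow-Origin: https://untrusted.example']
  p evaluate_security_headers(sample, request_origin: 'https://untrusted.example')
end
```

Both checks return a hash with `present`, `valid` and `issue`, so the existing `:dynamic_result` / `:dynamic_issue` split maps onto `valid` and `issue` directly, and the CORS check is only meaningful when the scanner actually sends an `Origin` header on the request being inspected.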