XS-Leaks 先行研究
先行研究 Previous Research
cookie
1 | - HTTP cookies are small blocks of data created by a web server while a user is browsing a website and placed on the user’s computer or some other device by the user’s web browser. |
same origin policy
1 | For exapmle |
cross-site leaks
Cross-Site Leaks (XS-Leaks) are vulnerabilities to side channel attacks on Web browsers.
The type of side channel attacks on a web browser bypass security mechanism such as the same source policy.
Cross-Site Leaks describe a client-side bug that allows an attacker to collect side-channel information from a cross-origin HTTP resource.
Error messages
The execution context of a web application is defined through the concept of web origins.
Web applications may call and embed other web applications to enhance functionality.
By using CORS (Cross-Origin Resource Sharing ), An attacker can send an enabled request to a target website which redirects based on the user state.
When the browser denies the request, the full URL of the redirect target is leaked in the error message.
With this attack, it is possible to detect redirects, leak redirect locations, and sensitive query parameters.