Re: CSR and Mozilla - Clarifying HTTP Header Filtering

On 2/19/08, Anne van Kesteren <annevk@opera.com> wrote:
> The issue is that cross-site requests that are possible today for GET do
> not involve arbitrary headers made up by the author. Therefore servers
> could be vulnerable to cross-site GET requests that do have arbitrary
> headers set. This is a new attack vector and has nothing to do with the
> same-origin blacklist.

Hmm, I'm really not getting this...

Can you describe one of these possible vulnerabilities for me please?
And can you describe how it would only be triggered by a cross-site
request and not a regular old GET on the same URL?

Thanks.

Mark.
-- 
Mark Baker.  Ottawa, Ontario, CANADA.         http://www.markbaker.ca
Coactus; Web-inspired integration strategies  http://www.coactus.com

Received on Wednesday, 20 February 2008 06:07:40 UTC