Re: Redirects and HSTS from Anne van Kesteren on 2014-09-26 (public-webappsec@w3.org from September 2014)

From: Anne van Kesteren <annevk@annevk.nl>
Date: Fri, 26 Sep 2014 14:11:35 +0200
To: Mike West <mkwst@google.com>
Cc: WebAppSec WG <public-webappsec@w3.org>
Message-ID: <CADnb78h-4LmHYrPMJJXpj4g_HWAEg8YMvsGapuWHaeKSUmW8MA@mail.gmail.com>

On Fri, Sep 26, 2014 at 1:55 PM, Mike West <mkwst@google.com> wrote:
> What's the attack you're considering?

E.g. if you know about an image on a domain you could check with

<img src=http://target.example/ onload=visited() onerror=notvisited()>

due to client-side HSTS rewriting and the recommend setup of port 80
redirecting to 443.


-- 
https://annevankesteren.nl/

Received on Friday, 26 September 2014 12:12:05 UTC