Has anyone written up how to secure an unauthenticated localhost service? I've got Host check against DNS rebinding, CORB/CORP/COOP against Spectre, anything else? Maybe I should work in a secret path segment after all.
-
-
Right, here I make requests from an HTML I serve from the same origin, so I can't block empty Origin. I guess I just Set-Cookie from the non-state changing HTML response with a Host check, and then check the cookie in the others. Now, are response headers protected by CORB?
-
Sounds okay to me, but bear in mind that any other local users or low-privileged processes will be able to fake any origin they want, so it might weaken sandboxing or priv separation.
- 1 more reply