ZAP – CORS Header

Details
Alert ID	40040-1
Alert Type	Active
Status	beta
Risk	Informational
CWE	942
WASC	14
Technologies Targeted	All
Tags	CWE-942 OWASP_2017_A05 OWASP_2021_A01 WSTG-V42-CLNT-07
More Info	Scan Rule Help

Summary

Cross-Origin Resource Sharing (CORS) is an HTTP-header based mechanism that allows a server to indicate any other origins (domain, scheme, or port) than its own from which a browser should permit loading of resources. It relaxes the Same-Origin Policy (SOP).

Solution

If a web resource contains sensitive information, the origin should be properly specified in the Access-Control-Allow-Origin header. Only trusted websites needing this resource should be specified in this header, with the most secured protocol supported.

Other Info

References

https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS
https://portswigger.net/web-security/cors

Code

org/zaproxy/zap/extension/ascanrulesBeta/CorsScanRule.java