A response with
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: Content-Type, Authorization, Content-Length, X-Requested-With
Access-Control-Allow-Credentials: false
... but with no Cache-Control can be read from a cross-origin request:
fetch(vulnerableUrl, {
method: 'GET',
cache: 'force-cache'
});
We want to verify on which browser does this attack work.
Inspired by: this report.
A response with
... but with no Cache-Control can be read from a cross-origin request:
We want to verify on which browser does this attack work.
Inspired by: this report.