Difference between revisions of "XSCF"
m (Protected "XSCF" ([edit=sysop] (indefinite) [move=sysop] (indefinite))) |
|||
Line 1: | Line 1: | ||
− | Cross-Site Content Forgery is a vulnerability class that entails malforming the server-side mimetype for a particular resource to make it appear as something else. This is by no means original, however the [[Facebook]] wiki documents how to do this in detail. | + | Cross-Site Content Forgery is a vulnerability class that entails malforming the server-side mimetype for a particular resource to make it appear as something else. This is by no means original, however the [[Facebook#Proof_of_Concept]] wiki documents how to do this in detail. |
− | For example, let's say you have an image sitting somewhere that looks innocent. Using Apache directives such as AddType, you can force the content-type of the resource to be processed server-side by any program. The program then seizes control of the resource, and you can then wrap the resource into the functions of the program that is being executed to return output to the client. | + | For example, let's say you have an image sitting somewhere that looks innocent. Using Apache directives such as AddType, you can force the content-type of the resource to be processed server-side by any program. The program then seizes control of the resource, and you can then wrap the resource into the functions of the program that is being executed to return output to the client. This is possible because different sites and crawler bots make easily identifiable requests. |
Revision as of 10:04, 10 November 2011
Cross-Site Content Forgery is a vulnerability class that entails malforming the server-side mimetype for a particular resource to make it appear as something else. This is by no means original, however the Facebook#Proof_of_Concept wiki documents how to do this in detail.
For example, let's say you have an image sitting somewhere that looks innocent. Using Apache directives such as AddType, you can force the content-type of the resource to be processed server-side by any program. The program then seizes control of the resource, and you can then wrap the resource into the functions of the program that is being executed to return output to the client. This is possible because different sites and crawler bots make easily identifiable requests.