mirror of
https://github.com/swisskyrepo/PayloadsAllTheThings.git
synced 2024-12-13 23:02:46 +00:00
Add CSRF to OAuth2
Not sure if it qualifies as a _payload_ but I'll let you be the judge of that :)
This commit is contained in:
Melvin Lammerts
GitHub
parent
d16aec6f6a
commit
59971e95d2
1 changed files with 6 additions and 0 deletions
|
|
@ -35,6 +35,12 @@ If an authorization code is used more than once, the authorization server MUST d
|
|||
and SHOULD revoke (when possible) all tokens previously issued based on that authorization code.
|
||||
```
|
||||
|
||||
## Cross-Site Request Forgery
|
||||
Applications that do not check for a valid CSRF token in the OAuth callback are vulnerable. This can be exploited by initializing the OAuth flow and intercepting the callback (https://example.com/callback?code=AUTHORIZATION_CODE). This URL can be used in CSRF attacks.
|
||||
```
|
||||
The client MUST implement CSRF protection for its redirection URI. This is typically accomplished by requiring any request sent to the redirection URI endpoint to include a value that binds the request to the user-agent's authenticated state. The client SHOULD utilize the "state" request parameter to deliver this value to the authorization server when making an authorization request.
|
||||
```
|
||||
|
||||
## Thanks to
|
||||
* http://blog.intothesymmetry.com/2016/11/all-your-paypal-tokens-belong-to-me.html
|
||||
* http://homakov.blogspot.ch/2014/02/how-i-hacked-github-again.html
|
||||
|
|
|
|||
Loading…
Reference in a new issue