Json Yaml Cors Wildcard Origin Api Gateway
Description
Detects insecure CORS (Cross-Origin Resource Sharing) configurations in serverless YAML files that use wildcard origins (*). This misconfiguration allows any domain to make cross-origin requests to the API, potentially exposing sensitive data to malicious websites.
Detection Strategy
• Scan serverless framework YAML configuration files for CORS settings
• Check if CORS origin configurations contain wildcard (*) values
• Verify the CORS configuration is within the correct configuration path structure
• Report a vulnerability when wildcard CORS origins are found in valid configuration paths
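The four steps above, as an added example that is not part of the original page or of Fluid Attacks' scanner: a small Python checker that walks the Serverless Framework path structure `functions.<name>.events[].http.cors`, collects the declared `origin`/`origins` values and reports any that equal `*`. The sample configuration is constructed here; it goes slightly beyond the page by also treating `cors: true` as a wildcard, on the assumption that the framework's default CORS settings allow any origin.

```python
"""Flag wildcard CORS origins in Serverless Framework function events."""
import json
from typing import Any

try:
    import yaml  # PyYAML, optional: only needed to read real serverless.yml files
except ImportError:
    yaml = None

# Constructed sample mirroring a serverless.yml with one wildcard origin,
# one restricted origin and one non-HTTP event (not from the original page).
SAMPLE_CONFIG = {
    "service": "myapp",
    "functions": {
        "api-endpoint": {
            "events": [
                {"http": {"path": "/data", "method": "post",
                          "cors": {"origin": "*"}}},
            ]
        },
        "safe-endpoint": {
            "events": [
                {"http": {"path": "/safe", "method": "get",
                          "cors": {"origins": ["https://app.example.com"]}}},
                {"schedule": "rate(1 hour)"},  # non-HTTP event, must be ignored
            ]
        },
    },
}


def _origin_values(cors: Any) -> list:
    """Return the origin strings declared in a cors block."""
    if cors is True:
        # Assumption: `cors: true` enables the framework defaults, which
        # answer Access-Control-Allow-Origin: *, so treat it as a wildcard.
        return ["*"]
    if not isinstance(cors, dict):
        return []
    values = []
    for key in ("origin", "origins"):
        declared = cors.get(key)
        if isinstance(declared, str):
            values.append(declared)
        elif isinstance(declared, list):
            values.extend(str(o) for o in declared)
    return values


def find_wildcard_cors(config: dict) -> list:
    """Inspect functions.*.events[].http.cors and report '*' origins.

    Only the documented path structure is walked, so a stray `cors` key
    elsewhere in the file does not produce a finding.
    """
    findings = []
    functions = config.get("functions") or {}
    if not isinstance(functions, dict):
        return findings
    for fn_name, fn in functions.items():
        if not isinstance(fn, dict):
            continue
        for idx, event in enumerate(fn.get("events") or []):
            spec = event.get("http") if isinstance(event, dict) else None
            if not isinstance(spec, dict) or "cors" not in spec:
                continue
            for value in _origin_values(spec["cors"]):
                if value.strip() == "*":
                    findings.append(
                        f"functions.{fn_name}.events[{idx}].http.cors allows origin '*' "
                        f"({spec.get('method', '?')} {spec.get('path', '?')})"
                    )
    return findings


def load_config(path: str) -> dict:
    """Load serverless.yml (needs PyYAML) or serverless.json (stdlib only)."""
    with open(path, encoding="utf-8") as fh:
        if path.endswith((".yml", ".yaml")):
            if yaml is None:
                raise RuntimeError("PyYAML is required to read YAML configs")
            return yaml.safe_load(fh) or {}
        return json.load(fh)


if __name__ == "__main__":
    import sys
    cfg = load_config(sys.argv[1]) if len(sys.argv) > 1 else SAMPLE_CONFIG
    for finding in find_wildcard_cors(cfg):
        print("VULNERABLE:", finding)
```

Run it with a path to a `serverless.yml` (or `serverless.json`) to scan a real project; with no argument it checks the constructed sample and reports only `api-endpoint`. Restricting the walk to the `functions.*.events[].http` path is what keeps the check from firing on unrelated `cors` keys, which is the point of the third step above.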
Vulnerable code example

```yaml
service: myapp
functions:
  api-endpoint:
    events:
      - http:
          path: /data
          method: post
          # ...
```

✅ Secure code example
```yaml
service: myapp
functions:
  api-endpoint:
    events:
      - http:
          path: /data
          method: post
          # ...
```