Javascript Cors Wildcard Origin Header Lambda
Description
Detects insecure CORS (Cross-Origin Resource Sharing) configurations in AWS Lambda functions where wildcard origins ('*') are used in CORS headers. This represents a security risk as it allows any domain to make requests to the API, potentially enabling malicious cross-origin attacks.
Detection Strategy
• Examines response headers in AWS Lambda function code for CORS configurations
• Identifies instances where 'Access-Control-Allow-Origin' header is set to '*' (wildcard)
• Flags Lambda functions that don't implement origin restrictions in their CORS policy
• Reports vulnerability when CORS headers are configured to accept requests from all origins
Vulnerable code example
// API Handler with insecure CORS configuration
export const handler = async (event) => {
  const headers = {
    'Access-Control-Allow-Origin': '*' // Vulnerable: allows access from any domain
  };
  return {
    statusCode: 200,
    headers,
    body: JSON.stringify({ message: 'ok' })
  };
};
✅ Secure code example
export const handler = async (event) => {
  const headers = {
    'Access-Control-Allow-Origin': 'https://trusted-frontend.example.com', // Restrict to specific trusted domain
    'Access-Control-Allow-Methods': 'GET', // Explicitly specify allowed methods
    'Access-Control-Allow-Headers': 'Content-Type' // Restrict allowed headers
  };
  return {
    statusCode: 200,
    headers,
    body: JSON.stringify({ message: 'ok' })
  };
};
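As an added example (not code from the Fluid Attacks page or its detection rule), the secure pattern above generalized to more than one trusted origin: the handler picks the Access-Control-Allow-Origin value from an allowlist and sends no such header for any other origin, so '*' never appears. The domain names and the API Gateway event fields it reads are assumptions.

```javascript
// Added example: Lambda handler whose CORS origin comes from an allowlist, never '*'.
// The domain names below are constructed placeholders.
const ALLOWED_ORIGINS = new Set([
  'https://trusted-frontend.example.com',
  'https://admin.example.com',
]);

// Returns the CORS headers for a request origin. Unknown or absent origins get
// no Access-Control-Allow-Origin at all, so the browser blocks the cross-origin read.
function corsHeadersFor(origin) {
  if (!origin || !ALLOWED_ORIGINS.has(origin)) {
    return {};
  }
  return {
    'Access-Control-Allow-Origin': origin, // echo only an allowlisted value
    'Access-Control-Allow-Methods': 'GET',
    'Access-Control-Allow-Headers': 'Content-Type',
    // Vary tells shared caches that the response differs per Origin, so a
    // response allowed for one origin is not replayed to another.
    'Vary': 'Origin',
  };
}

// Assumed event shape: API Gateway v2 lowercases header names, v1 keeps client casing.
function requestOrigin(event) {
  const h = (event && event.headers) || {};
  return h.origin ?? h.Origin ?? null;
}

const handler = async (event) => {
  const headers = corsHeadersFor(requestOrigin(event));
  const method = event.requestContext?.http?.method ?? event.httpMethod;
  if (method === 'OPTIONS') {
    // Preflight: CORS headers only, no body.
    return { statusCode: 204, headers, body: '' };
  }
  return {
    statusCode: 200,
    headers: { ...headers, 'Content-Type': 'application/json' },
    body: JSON.stringify({ ok: true }),
  };
};

// Exported for Lambda (CommonJS); guarded so the file also loads as an ES module.
if (typeof module !== 'undefined') module.exports = { handler, corsHeadersFor, requestOrigin };
```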