Typescript Cors Wildcard Origin Header Express
Description
Detects insecure CORS (Cross-Origin Resource Sharing) configurations in Express.js applications that answer with a wildcard origin, i.e. 'Access-Control-Allow-Origin: *', whether the header is set by hand in a middleware or route handler or comes from the cors() package's defaults. A wildcard tells every browser that any web origin may read responses from your API, so a page on an attacker's site can fetch data that the victim's browser can reach but the attacker cannot, for example a service on an internal network or one that trusts the client's IP address. Note the limit of the exposure: browsers refuse to hand a credentialed response (cookies, HTTP auth) to the page when the origin is '*', so the wildcard alone does not leak cookie-authenticated data; the risk is to endpoints that return sensitive data without per-request credentials, and to opening the API far wider than the front-ends that actually need it. The fix is an explicit allowlist of trusted origins.
Detection Strategy
• Check Express application code for CORS configuration, both hand-written headers and middleware.
• Look for usage of the cors() middleware or custom Access-Control-Allow-* headers in app.use() calls and route handlers.
• Identify whether the wildcard origin ('*') is specified, either directly in the Access-Control-Allow-Origin header or as the origin option passed to cors(); note that cors() called with no options defaults to origin '*'.
• Flag the configuration as vulnerable when any of those forms allows unrestricted cross-origin access, and report the location of each wildcard occurrence.
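As an added example (not Fluid Attacks' own detector), here is a small TypeScript scanner that implements the strategy above over Express source text. The regular expressions, rule names and the sample sources it scans are constructed for this page; it covers the hand-set header, cors() with no options (which the cors package treats as origin '*'), and an origin: '*' entry in an options object.

```typescript
// Added example, not Fluid Attacks' detector: a small regex-based scanner for the
// three wildcard-CORS shapes listed above. Good enough for triage of Express/TypeScript
// sources; a production rule would work on the AST to follow variables and imports.

interface CorsFinding {
  line: number;    // 1-based line in the scanned source
  rule: string;    // which pattern fired
  snippet: string; // the offending line, trimmed
}

// Hand-rolled header: res.header / res.set / res.setHeader('Access-Control-Allow-Origin', '*')
const WILDCARD_HEADER =
  /\.(?:header|set|setHeader)\(\s*['"`]Access-Control-Allow-Origin['"`]\s*,\s*['"`]\*['"`]\s*\)/i;
// cors() with no options: the cors package defaults to origin '*'
const BARE_CORS = /\bcors\(\s*\)/;
// origin: '*' inside an options literal, inline or in a separately declared object
const WILDCARD_ORIGIN_OPTION = /\borigin\s*:\s*['"`]\*['"`]/;

function findWildcardCors(source: string): CorsFinding[] {
  const findings: CorsFinding[] = [];
  source.split(/\r?\n/).forEach((text, idx) => {
    const snippet = text.trim();
    if (/^\/\//.test(snippet)) return; // a commented-out header is not a live finding
    const line = idx + 1;
    if (WILDCARD_HEADER.test(text)) {
      findings.push({ line, rule: "Access-Control-Allow-Origin set to '*'", snippet });
    }
    if (BARE_CORS.test(text)) {
      findings.push({ line, rule: "cors() without options (defaults to origin '*')", snippet });
    }
    if (WILDCARD_ORIGIN_OPTION.test(text)) {
      findings.push({ line, rule: "cors origin option set to '*'", snippet });
    }
  });
  return findings;
}

// Constructed sample sources (not taken from any real project).
const SAMPLE_VULNERABLE = [
  "import express from 'express';",
  "import cors from 'cors';",
  "const app = express();",
  "app.use(cors());",
  "app.use((req, res, next) => {",
  "  // res.header('Access-Control-Allow-Origin', '*'); // old approach, disabled",
  "  res.header('Access-Control-Allow-Origin', '*');",
  "  next();",
  "});",
].join('\n');

const SAMPLE_OPTIONS_OBJECT = [
  "const corsOptions = {",
  "  origin: '*',",
  "  methods: ['GET', 'POST'],",
  "};",
  "app.use(cors(corsOptions));",
].join('\n');

const SAMPLE_SECURE = [
  "import cors from 'cors';",
  "const allowedOrigins = ['https://trusted-site.com'];",
  "app.use(cors({ origin: allowedOrigins }));",
].join('\n');

const samples: Array<[string, string]> = [
  ['vulnerable', SAMPLE_VULNERABLE],
  ['options-object', SAMPLE_OPTIONS_OBJECT],
  ['secure', SAMPLE_SECURE],
];
for (const [name, src] of samples) {
  for (const f of findWildcardCors(src)) {
    console.log(name + ':' + f.line + ': ' + f.rule + ' -> ' + f.snippet);
  }
}
```

Running it reports the bare cors() on line 4 and the hand-set header on line 7 of the vulnerable sample (the commented-out copy on line 6 is skipped), the origin: '*' entry on line 2 of the options object, and nothing for the allowlisted configuration. A single-line regex scanner cannot see a wildcard stored in a variable and passed in later, which is why the detection strategy above also asks you to read the cors() options rather than only the call site.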
Vulnerable code example
import express from 'express';
const app = express();
app.use((req, res, next) => {
  res.header('Access-Control-Allow-Origin', '*'); // Vulnerable: allows any origin to access the API
  res.header('Access-Control-Allow-Headers', 'Content-Type');
  res.header('Access-Control-Allow-Methods', 'GET, POST');
  next();
});
Secure code example
import express from 'express';
const app = express();
const allowedOrigins = ['https://trusted-site.com', 'https://api.trusted-site.com'];
app.use((req, res, next) => {
  const origin = req.headers.origin;
  if (origin && allowedOrigins.includes(origin)) { // exact match only; otherwise send no CORS headers at all
    res.header('Access-Control-Allow-Origin', origin);
    res.header('Vary', 'Origin'); // caches must not reuse this response for a different origin
    res.header('Access-Control-Allow-Headers', 'Content-Type');
    res.header('Access-Control-Allow-Methods', 'GET, POST');
  }
  next();
});
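The decision the secure example has to make, isolated as a pure function so it can be unit-tested; this is an added example and not Fluid Attacks' code. The allowlist values are taken from the example above, the probe origins are constructed, and the function name corsHeadersFor is an assumption of this page. It shows what the wildcard gives up: an exact-match allowlist, a Vary: Origin header so shared caches never serve one origin's response to another, and no CORS headers at all when the request carries no trusted Origin.

```typescript
// Added example, not Fluid Attacks' code: the origin decision behind the secure example
// above, isolated as a pure function.

type CorsHeaders = Record<string, string>;

// Assumed allowlist; same values as the secure example on this page.
const ALLOWED_ORIGINS: ReadonlySet<string> = new Set([
  'https://trusted-site.com',
  'https://api.trusted-site.com',
]);

function corsHeadersFor(
  requestOrigin: string | undefined,
  allowlist: ReadonlySet<string> = ALLOWED_ORIGINS,
): CorsHeaders {
  // No Origin header: same-origin navigation or a non-browser client. Grant nothing.
  if (requestOrigin === undefined) return {};
  // Browsers send the literal string "null" for sandboxed iframes, data: URLs and some
  // redirect chains. Any attacker page can produce it, so it must never pass, even if a
  // config mistake puts 'null' into the allowlist.
  if (requestOrigin === 'null') return {};
  // Exact string comparison only. startsWith/endsWith/regex checks are the classic
  // bypass: 'https://trusted-site.com.attacker.example' must fail here.
  if (!allowlist.has(requestOrigin)) return {};
  return {
    'Access-Control-Allow-Origin': requestOrigin,
    Vary: 'Origin',
    'Access-Control-Allow-Methods': 'GET, POST',
    'Access-Control-Allow-Headers': 'Content-Type',
  };
}

// Constructed request origins exercising each branch above.
const PROBES: Array<string | undefined> = [
  'https://trusted-site.com',                  // allowed
  'https://api.trusted-site.com',              // allowed
  'http://trusted-site.com',                   // scheme mismatch: denied
  'https://trusted-site.com.attacker.example', // suffix attack: denied
  'https://attacker.example',                  // unknown: denied
  'null',                                      // opaque origin: denied
  undefined,                                   // no Origin header: nothing set
];

for (const origin of PROBES) {
  console.log(String(origin) + ' -> ' + JSON.stringify(corsHeadersFor(origin)));
}
```

Inside an Express middleware the wiring is one loop: for each entry returned by corsHeadersFor(req.headers.origin), call res.setHeader(name, value), then next(). Because req.headers.origin is typed string | undefined, the function's signature matches the request object directly. Denied and origin-less requests get no Access-Control-* headers at all, which is the correct response; sending a wildcard "for the harmless cases" is exactly the pattern this rule flags.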