Dart Cors Wildcard Origin
Description
Detects when CORS headers in Dart Shelf applications are configured to allow requests from any origin by setting Access-Control-Allow-Origin to the wildcard '*'. This configuration lets a page served from any domain read the API's responses, exposing data to malicious websites and widening the attack surface for cross-site attacks. Note that browsers refuse to send credentialed requests (cookies, HTTP authentication) to a '*' origin, so the practical exposure is greatest for endpoints that authenticate with bearer tokens or API keys placed in headers by client-side code, and for services that are only reachable from a private network, where any page a user visits can now read them through the browser.
Detection Strategy
• Check for header configurations in Dart code where a key-value pair is being set
• Verify that the header key is exactly 'Access-Control-Allow-Origin'
• Confirm that the header value is exactly '*' (wildcard)
• Report a vulnerability when both conditions are met in the same header configuration
• Caveat: this rule matches only the literal '*'. Code that copies the request's Origin header into Access-Control-Allow-Origin unconditionally is just as permissive (and, unlike '*', also works with credentials) but is not flagged by this check and must be reviewed separately.
Vulnerable code example
import 'package:shelf/shelf.dart';
final corsHeaders = {
'Access-Control-Allow-Origin': '*', // Vulnerable: the wildcard allows any origin to read responses from the API
'Access-Control-Allow-Methods': 'GET, POST'
};
final handler = Pipeline()...
✅ Secure code example
import 'package:shelf/shelf.dart';
import 'package:shelf_cors_headers/shelf_cors_headers.dart';
final corsHeaders = {
'Access-Control-Allow-Origin': 'https://trusted-domain.com', // Specific origin instead of wildcard
'Access-Control-Allow-Methods': 'GET, POST, OPTIONS', // Include OPTIONS for CORS preflight
'Access-Control-Allow-Headers': 'Origin, Content-Type',
'Vary': 'Origin' // Tells caches the response depends on the Origin header, so a response for one origin is not served to another
};
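The secure snippet above fixes a single origin in a static map. When more than one origin must be allowed, the safe pattern is an explicit allowlist compared by exact match, with the header omitted (not reflected, and never '*') for anything else. The following is an added example written for this page, not code from the original rule or from the shelf or shelf_cors_headers packages; the middleware name corsAllowlist, the origin set allowedOrigins and the handler apiHandler are assumed names, and the origins and the JSON body are constructed sample values.

```dart
// Added example (not from the original page): a Shelf middleware that applies
// CORS headers from an explicit origin allowlist instead of '*'.
// Assumed names: corsAllowlist, allowedOrigins, apiHandler. Sample origins
// and response body are constructed for the demonstration.
import 'package:shelf/shelf.dart';
import 'package:shelf/shelf_io.dart' as shelf_io;

/// Origins permitted to call the API (assumed values). Matching is exact on
/// the full scheme+host, so 'https://trusted-domain.com.attacker.example' or
/// 'http://trusted-domain.com' do not pass.
const allowedOrigins = {
  'https://trusted-domain.com',
  'https://app.trusted-domain.com',
};

Middleware corsAllowlist(Set<String> origins) {
  return (Handler inner) {
    return (Request request) async {
      // Shelf header lookup is case-insensitive, so 'Origin' is found here.
      final origin = request.headers['origin'];
      // Echo the origin only when it is on the allowlist. Unknown origins get
      // no Access-Control-Allow-Origin at all; the browser then blocks the read.
      final allowedOrigin =
          (origin != null && origins.contains(origin)) ? origin : null;

      // Vary: Origin is set on every response so a shared cache does not hand
      // a response tagged for trusted-domain.com to a request from elsewhere.
      final corsHeaders = <String, String>{'Vary': 'Origin'};
      if (allowedOrigin != null) {
        corsHeaders['Access-Control-Allow-Origin'] = allowedOrigin;
        corsHeaders['Access-Control-Allow-Methods'] = 'GET, POST, OPTIONS';
        corsHeaders['Access-Control-Allow-Headers'] = 'Origin, Content-Type';
      }

      // Preflight (OPTIONS with Access-Control-Request-Method): answer here
      // without invoking the real handler. Disallowed origins get 403.
      if (request.method == 'OPTIONS' &&
          request.headers.containsKey('access-control-request-method')) {
        return Response(allowedOrigin != null ? 204 : 403, headers: corsHeaders);
      }

      final response = await inner(request);
      // change() merges the CORS headers into the handler's own headers.
      return response.change(headers: corsHeaders);
    };
  };
}

// Stand-in for the application's real API handler (assumed).
Response apiHandler(Request request) => Response.ok(
      '{"balance": 42}',
      headers: {'content-type': 'application/json'},
    );

Future<void> main() async {
  final handler = Pipeline()
      .addMiddleware(corsAllowlist(allowedOrigins))
      .addHandler(apiHandler);

  // Constructed requests: exercise the middleware directly, without a browser,
  // to show which origins receive Access-Control-Allow-Origin.
  for (final origin in ['https://trusted-domain.com', 'https://evil.example']) {
    final response = await handler(Request(
      'GET',
      Uri.parse('http://localhost:8080/api/balance'),
      headers: {'origin': origin},
    ));
    print('$origin -> Access-Control-Allow-Origin: '
        '${response.headers['access-control-allow-origin']}');
  }

  final server = await shelf_io.serve(handler, 'localhost', 8080);
  print('Listening on http://${server.address.host}:${server.port}');
}
```

Run with `dart run` after adding `shelf` to pubspec.yaml. The loop in main prints the allowed origin echoed back for the first request and `null` for the second, which is the behaviour the detection rule is steering towards: the only way a page learns the response is if its exact origin is on the list.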