C Sharp Cors Wildcard Origin Aspnet
Description
Detects potentially insecure Cross-Origin Resource Sharing (CORS) configurations in ASP.NET applications where wildcards (*) are used to allow all origins. Using wildcards in CORS policies can expose APIs to unauthorized cross-origin requests, potentially leading to security vulnerabilities like cross-site request forgery (CSRF) or data theft.
Detection Strategy
• Looks for calls to the EnableCors() method in ASP.NET applications
• Examines the first argument passed to EnableCors to check if it contains wildcard (*) origins
• Reports a vulnerability when CORS is configured to allow all origins through wildcards instead of specific allowed domains
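The detection strategy above can be reproduced with a small lexical scanner. The following Python is an added example written for this page, not Fluid Attacks' own rule implementation: it finds `new EnableCorsAttribute(...)` constructions and `[EnableCors(...)]` attribute usages in C# source, extracts the origins argument (the first positional argument, or the `origins:` named argument when the call uses named parameters, which goes slightly beyond the rule text), and flags any comma-separated origins list that contains a bare `*`. The C# snippet it scans is constructed inline for the demonstration.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Matches `new EnableCorsAttribute(<args>)` and `[EnableCors(<args>)]`.
# In Microsoft.AspNet.WebApi.Cors the constructor signature is
# EnableCorsAttribute(string origins, string headers, string methods),
# so the origins list is the first positional argument.
_CALL = re.compile(r'(?:new\s+EnableCorsAttribute|\[EnableCors)\s*\(([^)]*)\)')
_NAMED_ORIGINS = re.compile(r'origins\s*:\s*"((?:[^"\\]|\\.)*)"')
_STRING = re.compile(r'"((?:[^"\\]|\\.)*)"')


@dataclass
class Finding:
    line: int      # 1-based line number in the scanned source
    origins: str   # the origins argument that triggered the finding


def origins_argument(args: str) -> Optional[str]:
    """Return the origins argument from an argument list, or None."""
    named = _NAMED_ORIGINS.search(args)
    if named:
        return named.group(1)
    first = _STRING.search(args)
    return first.group(1) if first else None


def wildcard_origin(origins: str) -> bool:
    """True when any entry of the comma-separated origins list is '*'."""
    return any(entry.strip() == "*" for entry in origins.split(","))


def scan(source: str) -> List[Finding]:
    """Scan C# source text and report EnableCors usages allowing all origins."""
    findings: List[Finding] = []
    for lineno, line in enumerate(source.splitlines(), start=1):
        for call in _CALL.finditer(line):
            origins = origins_argument(call.group(1))
            if origins is not None and wildcard_origin(origins):
                findings.append(Finding(lineno, origins))
    return findings


# Constructed sample: a Web API CORS configuration plus an attribute-decorated controller.
SAMPLE_CSHARP = """\
using System.Web.Http.Cors;
public static class CorsConfig
{
    public static void Configure(HttpConfiguration config)
    {
        var cors = new EnableCorsAttribute("*", "*", "*");                  // flagged
        var ok = new EnableCorsAttribute("https://app.example", "*", "GET,POST");
        var mixed = new EnableCorsAttribute("https://a.example, *", "*", "*"); // flagged
        config.EnableCors(cors);
    }
}
[EnableCors(origins: "*", headers: "*", methods: "*")]                       // flagged
public class ValuesController : ApiController { }
"""

if __name__ == "__main__":
    for finding in scan(SAMPLE_CSHARP):
        print(f"line {finding.line}: CORS allows all origins (origins={finding.origins!r})")
```

The `mixed` case matters in practice: an origins list such as `"https://a.example, *"` still permits every origin, so the check is applied per entry rather than to the whole string.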
Vulnerable code example
    using System.Web.Http;
    using System.Web.Http.Cors;

    public class CorsConfig
    {
        public static void Configure(HttpConfiguration config)
        {
            // Vulnerable: Allows all origins (*), methods (*), and headers (*)
            var cors = new EnableCorsAttribute(origins: "*", headers: "*", methods: "*");
            config.EnableCors(cors);
        }
    }

✅ Secure code example
    using System.Web.Http;
    using System.Web.Http.Cors;

    public class CorsConfig
    {
        public static void Configure(HttpConfiguration config)
        {
            // Secure: Explicitly specify allowed origin, methods and headers
            // ("https://app.example.com" is a placeholder for the real front-end origin)
            var cors = new EnableCorsAttribute(
                origins: "https://app.example.com",
                headers: "Content-Type,Authorization",
                methods: "GET,POST");
            config.EnableCors(cors);
        }
    }