
Javascript Cors Wildcard Origin With Credentials

Description

Detects insecure CORS (Cross-Origin Resource Sharing) configurations in Koa.js applications where wildcard origins (*) are used while allowing credentials. This misconfiguration can expose sensitive user data to malicious websites by bypassing same-origin policy restrictions.

Weakness:

134 - Insecure or unset HTTP headers - CORS

Category: Protocol Manipulation

Detection Strategy

    Examines Koa.js CORS middleware configuration settings in the application code

    Identifies when the 'credentials' option is set to true in combination with wildcard (*) origin configuration

    Flags configurations where both 'Access-Control-Allow-Credentials' and wildcard origins are enabled together
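The function below is an added example, not code from the original page or from @koa/cors: it audits a @koa/cors options object for the combination the strategy describes (wildcard origin plus credentials) and, as one generalisation, also flags the case where the origin is not a literal `*` but the middleware would echo an arbitrary request Origin while credentials are on, which exposes the same data. It assumes @koa/cors's documented semantics (`origin` is a string or a `function(ctx)` returning the value to echo, with a falsy return meaning no CORS headers; an omitted `origin` echoes the request Origin header; `credentials` is a boolean or a `function(ctx)`). The probe origin, the fake `ctx`, and the helper names are constructed for this example.

```javascript
// Added example (not from the original page or @koa/cors): audit a @koa/cors
// options object for the misconfiguration this rule detects. Assumes @koa/cors
// semantics as documented: `origin` is a string or function(ctx) returning the
// value to echo (falsy = send no CORS headers); an omitted `origin` echoes the
// request Origin header; `credentials` is a boolean or function(ctx).

// Constructed probe value standing in for an arbitrary, untrusted site.
const PROBE_ORIGIN = 'https://untrusted.example';

// Minimal stand-in for a Koa ctx: only `ctx.get('Origin')` is needed here.
function fakeCtx(requestOrigin) {
  return { get: (name) => (name.toLowerCase() === 'origin' ? requestOrigin : '') };
}

// Value the middleware would place in Access-Control-Allow-Origin for a request
// carrying `requestOrigin`. Handles synchronous origin functions only.
function resolveOrigin(options, requestOrigin) {
  const ctx = fakeCtx(requestOrigin);
  if (typeof options.origin === 'function') return options.origin(ctx);
  if (options.origin === undefined) return requestOrigin; // @koa/cors default: echo request Origin
  return options.origin;
}

// Whether Access-Control-Allow-Credentials: true would be sent for that request.
function resolveCredentials(options, requestOrigin) {
  if (typeof options.credentials === 'function') {
    return options.credentials(fakeCtx(requestOrigin)) === true;
  }
  return options.credentials === true;
}

// Returns a list of finding strings; an empty list means the options pass this check.
function auditCorsOptions(options) {
  const findings = [];
  const allowOrigin = resolveOrigin(options, PROBE_ORIGIN);
  const credentials = resolveCredentials(options, PROBE_ORIGIN);
  if (!credentials) return findings; // this rule only fires when credentials are enabled
  if (allowOrigin === '*') {
    findings.push('wildcard Access-Control-Allow-Origin with credentials');
  } else if (allowOrigin === PROBE_ORIGIN) {
    // Same exposure as the wildcard, only less visible in the source.
    findings.push('request Origin reflected without an allow-list, with credentials');
  }
  return findings;
}

// Usage: auditCorsOptions({ origin: '*', credentials: true })
//        -> ['wildcard Access-Control-Allow-Origin with credentials']
```

Because the check resolves the origin the way the middleware would rather than pattern-matching the source text, an allow-list implemented as an `origin` function (as in the secure example below) passes, while `origin: '*'` or a missing `origin` combined with `credentials: true` is flagged.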

Vulnerable code example

const Koa = require('koa');
const cors = require('@koa/cors');

const app = new Koa();

// VULNERABLE: Allows any origin with credentials enabled, enabling CSRF attacks
app.use(cors({
  origin: '*',          // Dangerous: Allows requests from any domain...
  credentials: true,    // ...while also sending cookies and auth headers cross-origin
}));

app.listen(3000);

✅ Secure code example

const Koa = require('koa');
const cors = require('@koa/cors');

const app = new Koa();

// Define allowed origins for more granular control
const allowedOrigins = ['https://trusted-site.com', 'https://api.trusted-site.com'];

app.use(cors({
  // Echo the request Origin only when it is on the allow-list; otherwise send no CORS headers
  origin: (ctx) => {
    const origin = ctx.get('Origin');
    return allowedOrigins.includes(origin) ? origin : false;
  },
  credentials: true, // Safe here because the echoed origin is never a wildcard
}));