Authorization / Cross-Domain Referer Leakage

Web and API

Description

Cross-domain Referer leakage is an authorization vulnerability that occurs when a web application fails to properly validate the HTTP Referer header. This allows attackers to bypass the same-origin policy and access resources in another domain. The vulnerability is classified as CWE-352 (Cross-Site Request Forgery (CSRF)) in the Common Weakness Enumeration (CWE) directory and is described in the OWASP Testing Guide v4. Cross-domain Referer leakage can be used to perform malicious actions such as accessing restricted areas, submitting false information, and even deleting data.

Risk

Cross-domain Referer leakage can lead to serious security risks, such as data leakage, data corruption, and unauthorized access to resources. It is a high-risk vulnerability and should be addressed as soon as possible.

Solution

To prevent cross-domain Referer leakage, web applications should properly validate the HTTP Referer header. This can be done by checking the origin of the request and ensuring that it comes from a trusted source. Additionally, the application should use a Content Security Policy (CSP) to restrict the domains that can access its resources, and it should ensure that the HTTP Referer header is always checked.
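The following is an added example of the source check described above; it is not code from the original page or from any particular framework. It validates the request's Origin header (preferred, because browsers send it on cross-site requests and it carries no path) and falls back to the Referer header, comparing the parsed scheme, host and port against an allow-list by exact match rather than by substring or prefix. The allow-list, the header names, the decision to reject requests whose source cannot be established, and the sample header sets are all assumptions made for this example; the CSP part of the solution is not covered here.

```python
from urllib.parse import urlsplit

# Constructed allow-list of origins (scheme, host, port) permitted to send
# state-changing requests. Anything not listed exactly is rejected.
TRUSTED_ORIGINS = frozenset({
    ("https", "app.example.com", 443),
    ("https", "admin.example.com", 443),
})

_DEFAULT_PORTS = {"https": 443, "http": 80}


def parse_origin(value):
    """Return (scheme, host, port) for an Origin or Referer value, or None if unusable.

    urlsplit().hostname lowercases the host, strips IPv6 brackets and drops any
    userinfo, so "https://app.example.com@attacker.test/" resolves to attacker.test.
    """
    if not value:
        return None
    try:
        parts = urlsplit(value.strip())
    except ValueError:  # e.g. an unterminated IPv6 literal
        return None
    scheme = parts.scheme.lower()
    host = parts.hostname
    if scheme not in _DEFAULT_PORTS or not host:
        return None
    try:
        port = parts.port or _DEFAULT_PORTS[scheme]
    except ValueError:  # non-numeric or out-of-range port
        return None
    return (scheme, host, port)


def _get_header(headers, name):
    """Case-insensitive lookup in a plain dict of request headers (assumed input shape)."""
    wanted = name.lower()
    for key, value in headers.items():
        if key.lower() == wanted:
            return value
    return None


def request_is_trusted(headers, trusted=TRUSTED_ORIGINS):
    """Decide whether a state-changing request may proceed, based on its source headers.

    Origin takes precedence when present. An Origin of "null", an unparseable value,
    or a request with neither header is rejected: if the source cannot be established,
    the request is treated as cross-domain.
    """
    origin = _get_header(headers, "Origin")
    if origin is not None:
        if origin.strip().lower() == "null":
            return False
        parsed = parse_origin(origin)
        return parsed is not None and parsed in trusted
    parsed = parse_origin(_get_header(headers, "Referer"))
    return parsed is not None and parsed in trusted


if __name__ == "__main__":
    # Constructed sample header sets, not captured traffic.
    samples = [
        {"Origin": "https://app.example.com"},
        {"Referer": "https://APP.example.com/login?next=/"},
        {"Origin": "null"},
        {},
        {"Referer": "https://app.example.com.attacker.test/"},
        {"Referer": "https://app.example.com@attacker.test/"},
        {"Referer": "https://attacker.test/app.example.com"},
        {"Referer": "http://app.example.com/"},
        {"Referer": "https://app.example.com:8443/"},
    ]
    for sample in samples:
        print("ALLOW" if request_is_trusted(sample) else "REJECT", sample)
```

The exact-tuple comparison is the point of the check: a host that merely starts with, ends with, or contains a trusted name is a different origin, and a scheme or port mismatch is treated the same way. In a real deployment the function would be called from the request middleware before any state-changing handler runs, and the allow-list would come from configuration rather than a constant.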
