-
Notifications
You must be signed in to change notification settings - Fork 41
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
866f62c
commit d9d53e3
Showing
155 changed files
with
6,212 additions
and
4,483 deletions.
There are no files selected for viewing
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,2 +1,2 @@ | ||
| <?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>AbortController on XS-Leaks Wiki</title><link>https://xsleaks.dev/abuse/abortcontroller/</link><description>Recent content in AbortController on XS-Leaks Wiki</description><generator>Hugo</generator><language>en-us</language><atom:link href="https://xsleaks.dev/abuse/abortcontroller/index.xml" rel="self" type="application/rss+xml"/><item><title>Cache Probing</title><link>https://xsleaks.dev/docs/attacks/cache-probing/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://xsleaks.dev/docs/attacks/cache-probing/</guid><description>The principle of Cache Probing consists of detecting whether a resource was cached by the browser. The concept has been known since the beginning of the web 1 and initially relied on detecting timing differences. | ||
| When a user visits a website, some resources such as images, scripts, and HTML content are fetched and later cached by the browser (under certain conditions). This optimization makes future navigations faster as the browser serves those resources from disk instead of requesting them again.</description></item></channel></rss> | ||
| <?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Abuse/AbortController on XS-Leaks Wiki</title><link>https://xsleaks.dev/abuse/abortcontroller/</link><description>Recent content in Abuse/AbortController on XS-Leaks Wiki</description><generator>Hugo</generator><language>en-us</language><atom:link href="https://xsleaks.dev/abuse/abortcontroller/index.xml" rel="self" type="application/rss+xml"/><item><title>Cache Probing</title><link>https://xsleaks.dev/docs/attacks/cache-probing/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://xsleaks.dev/docs/attacks/cache-probing/</guid><description><p>The principle of Cache Probing consists of detecting whether a resource was cached by the browser. The concept has been known since the beginning of the web <sup id="fnref:1"><a href="#fn:1" class="footnote-ref" role="doc-noteref">1</a></sup> and initially relied on detecting timing differences.</p> | ||
| <p>When a user visits a website, some resources such as images, scripts, and HTML content are fetched and later cached by the browser (under certain conditions). This optimization makes future navigations faster as the browser serves those resources from disk instead of requesting them again. If an attacker can detect which resources are cached, this information can be enough to leak whether a user accessed a specific page in the past.</p></description></item></channel></rss> |
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,4 +1,12 @@ | ||
| <?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Browser Feature on XS-Leaks Wiki</title><link>https://xsleaks.dev/abuse/browser-feature/</link><description>Recent content in Browser Feature on XS-Leaks Wiki</description><generator>Hugo</generator><language>en-us</language><lastBuildDate>Sun, 06 Nov 2022 17:13:54 +0000</lastBuildDate><atom:link href="https://xsleaks.dev/abuse/browser-feature/index.xml" rel="self" type="application/rss+xml"/><item><title>CORB Leaks</title><link>https://xsleaks.dev/docs/attacks/browser-features/corb/</link><pubDate>Thu, 01 Oct 2020 00:00:00 +0000</pubDate><guid>https://xsleaks.dev/docs/attacks/browser-features/corb/</guid><description>Cross-Origin Read Blocking (CORB) is a web platform security feature aimed at reducing the impact of speculative side-channel attacks such as Spectre. Unfortunately, blocking certain types of requests introduced a new type of XS-Leaks 1 that allows attackers to detect if CORB was enforced on one request, but wasn&rsquo;t on another. Nevertheless, the introduced XS-Leaks are much less problematic than the issues actively protected by CORB (e.g. Spectre). | ||
| info | ||
| This is a known issue in Chromium, and while it might remain unfixed, its impact is greatly reduced by the rollout of SameSite Cookies by default in Chromium-based browsers.</description></item><item><title>CORP Leaks</title><link>https://xsleaks.dev/docs/attacks/browser-features/corp/</link><pubDate>Thu, 01 Oct 2020 00:00:00 +0000</pubDate><guid>https://xsleaks.dev/docs/attacks/browser-features/corp/</guid><description>Explanation # Cross-Origin Resource Policy (CORP) is a web platform security feature that allows websites to prevent certain resources from being loaded by other origins. This protection complements CORB since it is an opt-in defense, whereas CORB blocks some cross-origin reads by default. Unfortunately, similar to CORB, applications can introduce a new XS-Leak if they misconfigure the use of this protection. | ||
| A webpage will introduce an XS-Leak if CORP is enforced based on user data.</description></item></channel></rss> | ||
| <?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Browser Feature on XS-Leaks Wiki</title><link>https://xsleaks.dev/abuse/browser-feature/</link><description>Recent content in Browser Feature on XS-Leaks Wiki</description><generator>Hugo</generator><language>en-us</language><lastBuildDate>Sun, 06 Nov 2022 17:13:54 +0000</lastBuildDate><atom:link href="https://xsleaks.dev/abuse/browser-feature/index.xml" rel="self" type="application/rss+xml"/><item><title>CORB Leaks</title><link>https://xsleaks.dev/docs/attacks/browser-features/corb/</link><pubDate>Thu, 01 Oct 2020 00:00:00 +0000</pubDate><guid>https://xsleaks.dev/docs/attacks/browser-features/corb/</guid><description><p><a href="https://xsleaks.dev/docs/defenses/secure-defaults/corb/">Cross-Origin Read Blocking</a> (CORB) is a web platform security feature aimed at reducing the impact of speculative side-channel attacks such as Spectre. Unfortunately, blocking certain types of requests introduced a new type of XS-Leaks <sup id="fnref:1"><a href="#fn:1" class="footnote-ref" role="doc-noteref">1</a></sup> that allows attackers to detect if CORB was enforced on one request, but wasn&rsquo;t on another. Nevertheless, the introduced XS-Leaks are much less problematic than the issues actively protected by CORB (e.g. Spectre).</p> | ||
|
|
||
| <blockquote class="book-hint2 info"> | ||
| <p class="hint-title info"> | ||
| <svg class="book-icon"> | ||
| <use href="https://xsleaks.dev/svg/hint-icons.svg#info-notice"></use> | ||
| </svg><span>info</span></p></description></item><item><title>CORP Leaks</title><link>https://xsleaks.dev/docs/attacks/browser-features/corp/</link><pubDate>Thu, 01 Oct 2020 00:00:00 +0000</pubDate><guid>https://xsleaks.dev/docs/attacks/browser-features/corp/</guid><description><h2 id="explanation"> | ||
| Explanation | ||
| <a class="anchor" href="#explanation">#</a> | ||
| </h2> | ||
| <p><a href="https://xsleaks.dev/docs/defenses/opt-in/corp/">Cross-Origin Resource Policy</a> (CORP) is a web platform security feature that allows websites to prevent certain resources from being loaded by other origins. This protection complements <a href="https://xsleaks.dev/docs/defenses/secure-defaults/corb/">CORB</a> since it is an opt-in defense, whereas CORB blocks some cross-origin reads by default. Unfortunately, similar to <a href="https://xsleaks.dev/docs/attacks/browser-features/corb/">CORB</a>, applications can introduce a new XS-Leak if they misconfigure the use of this protection.</p> | ||
| <p>A webpage will introduce an XS-Leak if <code>CORP</code> is enforced based on user data. If a page search feature enforces <code>CORP</code> when showing results, but doesn&rsquo;t do so when returning no results, an attacker will be able to distinguish the two scenarios. This occurs because a page/resource protected by <code>CORP</code> will return an error when fetched cross-origin. <a href="https://xsinator.com/testing.html#CORP%20Leak">Run demo</a></p></description></item></channel></rss> |
Oops, something went wrong.