Search
Member List
Calendar
Help
|
Ajax call to server issue
|
|
13-07-2022, 14:11
Post: #4
|
|||
|
|||
|
RE: Ajax call to server issue
An app such as the LUMIN app or the mscript program can send an HTTP POST request using a TCP/IP socket connection. There is no cross-origin check for this. The cross-origin check is made only by a web browser.
Having thought about this some more, it is my understanding that opening this up by adding 'Access-Control-Allow-Origin: *' would enable anyone to host a public web page that could invoke a local rescan for MinimServer if the web page knew (or could guess) the local IP address of the MinimServer instance. This could happen in the background without the user being aware and would also enable any other MinimServer command to be run by an attacker. |
|||
|
|
« Next Oldest | Next Newest »
|
| Messages In This Thread |
|
Ajax call to server issue - lyapounov - 13-07-2022, 00:29
RE: Ajax call to server issue - simoncn - 13-07-2022, 12:38
RE: Ajax call to server issue - lyapounov - 13-07-2022, 13:52
RE: Ajax call to server issue - simoncn - 13-07-2022 14:11
RE: Ajax call to server issue - lyapounov - 14-07-2022, 11:54
RE: Ajax call to server issue - simoncn - 14-07-2022, 12:23
RE: Ajax call to server issue - lyapounov - 14-07-2022, 12:39
RE: Ajax call to server issue - simoncn - 15-07-2022, 09:12
RE: Ajax call to server issue - lyapounov - 15-07-2022, 11:18
|
User(s) browsing this thread: 1 Guest(s)