Browser Feature

CORB Leaks

October 1, 2020
Abuse Browser Feature, Error Events, Content-Type, nosniff
Category Attack
Defenses Fetch Metadata, SameSite Cookies

Cross-Origin Read Blocking (CORB) is a web platform security feature aimed at reducing the impact of speculative side-channel attacks such as Spectre. Unfortunately, blocking certain types of requests introduced a new type of XS-Leaks 1 that allows attackers to detect if CORB was enforced on one request, but wasn’t on another. Nevertheless, the introduced XS-Leaks are much less problematic than the issues actively protected by CORB (e.g. Spectre). info ...

CORP Leaks

October 1, 2020
Abuse Browser Feature
Category Attack
Defenses Fetch Metadata, SameSite Cookies

Explanation # Cross-Origin Resource Policy (CORP) is a web platform security feature that allows websites to prevent certain resources from being loaded by other origins. This protection complements CORB since it is an opt-in defense, whereas CORB blocks some cross-origin reads by default. Unfortunately, similar to CORB, applications can introduce a new XS-Leak if they misconfigure the use of this protection. A webpage will introduce an XS-Leak if CORP is enforced based on user data. ...