Web Application Security Findings
https://api.bitsighttech.com/ratings/v1/companies/company_guid/findings?risk_vector=web_appsec
Get security misconfiguration evidence, including:
- CORS Violation
- Directory Listing Exposure
- HTTPS to HTTP Redirects
- Internal Server Error
- Overly Permissive CORS Whitelist
- Reverse Tabnabbing
- TLS Errors on Page Resource Fetch
For details specific to Web Application Security, use the ?risk_vector=web_appsec parameter. Other query parameters are listed in GET: Finding Details.
CORS Violation
assessmentName = cors_violation
Example Response
```json
{
  "resource": "url",
  "resolutionStatus": "blocked",
  "message": "Access to font at 'url' from origin 'url' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource."
}
```
Response Attributes
Field | Type | Description
---|---|---
resource | String | A link to the resource as defined in the web application.
resolutionStatus | String | The action the browser took when loading the resource.
message | String | A summary of the issue (the browser's CORS console message).
Directory Listing Exposure
assessmentName = directory_listing_exposure
Example Response
```json
{
  "url": "url",
  "server": "Apache 2"
}
```
Response Attributes
Field | Type | Description
---|---|---
url | String | The location that is exposing a server directory listing.
server | String | The server name, as reported by the web server.
HTTPS to HTTP Redirects
assessmentName = https_to_http_redirect
Example Response
```json
[
  {
    "value": "url",
    "responseChain": [
      { "url": "url", "statusCode": 301, "ip": "ip", "port": 80 },
      […]
    ]
  }
]
```
Response Attributes
Field | Type | Description
---|---|---
value | String | The redirect chain element that caused the downgrade.
responseChain | Array | The response chain from the loaded domain; each element is one response.
responseChain[].url | String | The URL from a specific step in the response chain.
responseChain[].statusCode | Integer | The HTTP status code for the redirect.
responseChain[].ip | String | The IP address that answered at that step.
responseChain[].port | Integer | The port used to connect on a particular step of the response chain.
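The evidence above is only useful if you can point at the exact hop that left HTTPS. The following is an added example, not BitSight's own code: it walks a `responseChain` array in the shape of the example response and returns the step at which a browser following the redirects was sent from https:// to http://. `SAMPLE_CHAIN` and `SECURE_CHAIN` are constructed inputs with placeholder hosts and addresses.

```python
"""Find the hop in an HTTPS to HTTP redirect chain that downgrades the connection.

Added example, not BitSight's own code. It walks a `responseChain` array in the
shape of the example response and reports the step at which a browser following
the redirects is sent from https:// to http://. The chains below are constructed;
hosts and addresses are documentation placeholders.
"""
from urllib.parse import urlsplit

SAMPLE_CHAIN = [
    # An HTTPS front door that 301s to the bare-HTTP canonical host ...
    {"url": "https://example.com/", "statusCode": 301, "ip": "192.0.2.10", "port": 443},
    # ... which then redirects back to HTTPS. The middle hop is plaintext.
    {"url": "http://www.example.com/", "statusCode": 301, "ip": "192.0.2.10", "port": 80},
    {"url": "https://www.example.com/", "statusCode": 200, "ip": "192.0.2.10", "port": 443},
]

SECURE_CHAIN = [
    {"url": "https://example.com/", "statusCode": 301, "ip": "192.0.2.10", "port": 443},
    {"url": "https://www.example.com/", "statusCode": 200, "ip": "192.0.2.10", "port": 443},
]


def _scheme(url):
    return urlsplit(url).scheme.lower()


def find_downgrade(chain):
    """Return the first https:// -> http:// transition in the chain, or None.

    Each element is the URL loaded at that step, so the downgrade is the pair
    (hop that issued the redirect, hop that was then loaded over plaintext).
    The returned dict mirrors the per-step fields a finding carries.
    """
    for issuer, target in zip(chain, chain[1:]):
        if _scheme(issuer["url"]) == "https" and _scheme(target["url"]) == "http":
            return {
                "from": issuer["url"],
                "statusCode": issuer["statusCode"],
                "to": target["url"],
                "ip": target["ip"],
                "port": target["port"],
            }
    return None


def ends_secure(chain):
    """True if the final step was loaded over HTTPS.

    A chain can downgrade and still end on HTTPS; it is still a finding, because
    an on-path attacker can answer the plaintext request before the redirect
    back to HTTPS ever happens.
    """
    return _scheme(chain[-1]["url"]) == "https"


def summarize(chain):
    """One-line triage string for a responseChain."""
    hop = find_downgrade(chain)
    if hop is None:
        return "no downgrade"
    tail = "recovers to HTTPS" if ends_secure(chain) else "ends on HTTP"
    return f"{hop['from']} {hop['statusCode']}-> {hop['to']} (port {hop['port']}); {tail}"


if __name__ == "__main__":
    print(summarize(SAMPLE_CHAIN))
    print(summarize(SECURE_CHAIN))
```

The "recovers to HTTPS" case is worth flagging explicitly: a chain that ends on an https:// URL looks fine in a browser's address bar, but the plaintext hop in the middle is what the finding is about.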
Internal Server Error
assessmentName = internal_server_error
Example Response
```json
{
  "url": "url",
  "message": "Request produced a 500 Internal Server Error response"
}
```
Response Attributes
Field | Type | Description
---|---|---
url | String | The location where an internal server error was generated.
message | String | A summary of the issue.
Overly Permissive CORS Whitelist
assessmentName = permissive_cors_whitelist
Example Response
```json
{
  "name": "Access-Control-Allow-Origin",
  "value": "*",
  "resourceUrl": "http://example.com/"
}
```
Response Attributes
Field | Type | Description
---|---|---
name | String | The HTTP response header that was flagged.
value | String | The value of that header (for example, `*`).
resourceUrl | String | The resource URL whose response carried the overly permissive CORS header.
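The two CORS findings on this page describe opposite failures: a CORS Violation is the browser refusing a cross-origin read because the server sent no usable `Access-Control-Allow-Origin`, while an Overly Permissive CORS Whitelist is the server allowing reads it should not. The following is an added example, not BitSight's own code. `parse_cors_violation` splits the Chrome console text carried in a CORS Violation `message` into resource, origin and reason, and `classify_acao` labels the header value carried in an Overly Permissive CORS Whitelist finding. The `request_origin` and `allow_credentials` parameters are assumptions: they are inputs a scanner would have on hand, not fields of the finding. The sample message and header values are constructed with placeholder hosts.

```python
"""Interpret the two CORS evidence shapes documented on this page.

Added example, not BitSight's own code. The sample message and header values
are constructed with placeholder hosts.
"""
import re
from urllib.parse import urlsplit

SAMPLE_MESSAGE = (
    "Access to font at 'https://static.example.net/f/a.woff2' from origin "
    "'https://www.example.com' has been blocked by CORS policy: No "
    "'Access-Control-Allow-Origin' header is present on the requested resource."
)

# Chrome's wording: "Access to <kind> at '<url>' from origin '<origin>' has been
# blocked by CORS policy: <reason>". <kind> may contain a space ("CSS stylesheet").
_CORS_MSG = re.compile(
    r"Access to (?P<kind>.+?) at '(?P<resource>[^']+)' from origin '(?P<origin>[^']+)' "
    r"has been blocked by CORS policy: (?P<reason>.+)$"
)


def parse_cors_violation(message):
    """Return the parts of a Chrome CORS block message, or None if it does not match."""
    m = _CORS_MSG.match(message)
    if not m:
        return None
    parts = m.groupdict()
    # Same-origin fetches are never CORS-blocked, so a parsed hit is always
    # cross-origin; record both hosts so the resource owner can be identified.
    parts["resource_host"] = urlsplit(parts["resource"]).netloc
    parts["page_host"] = urlsplit(parts["origin"]).netloc
    parts["missing_header"] = "No 'Access-Control-Allow-Origin' header" in parts["reason"]
    return parts


def classify_acao(name, value, request_origin=None, allow_credentials=False):
    """Label an Access-Control-Allow-Origin value.

    request_origin is the Origin the probe sent (assumed to be scanner-chosen);
    allow_credentials is whether Access-Control-Allow-Credentials was true.
    Neither is a field of the finding; both default to the least informative case.
    """
    if name.lower() != "access-control-allow-origin":
        return "not-acao"
    v = value.strip()
    if v == "*":
        # Any origin may read the response. Browsers refuse to combine "*" with
        # credentials, so what is exposed is whatever the response contains
        # without cookies: public data, or data gated by network position alone.
        return "wildcard"
    if v.lower() == "null":
        # "null" is the Origin sent by sandboxed iframes and data:/file: pages,
        # so an attacker can satisfy it from a sandboxed frame on any site.
        return "null-origin"
    if request_origin is not None and v == request_origin:
        # The server echoed an origin the scanner picked. With credentials
        # allowed this is the worst case: authenticated responses readable
        # cross-site from an attacker-controlled page.
        return "reflected-with-credentials" if allow_credentials else "reflected"
    return "specific-origin"


if __name__ == "__main__":
    print(parse_cors_violation(SAMPLE_MESSAGE))
    print(classify_acao("Access-Control-Allow-Origin", "*"))
```

A `wildcard` result on a resource that serves only public, uncredentialed content is usually an accepted risk; the same value on an internal-network host or an endpoint that keys on the client IP is not, because any page the user visits can read it.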
Reverse Tabnabbing
assessmentName = reverse_tabnabbing
Example Response
```json
{
  "resource": "url",
  "attributes": "rel=\"noopener\" href=\"url\" class=\"m-last-foc m-last-foc-main\" target=\"_blank\""
}
```
Response Attributes
Field | Type | Description
---|---|---
resource | String | The resource that will be loaded when the link is followed.
attributes | String | The raw attributes of the anchor element as found in the page.
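The `attributes` string is raw HTML attribute text, so it should be parsed as HTML rather than split on spaces (the `class` value in the example response contains a space). The following is an added example, not BitSight's own code: it parses the string with the standard-library HTML parser and reports whether a `target="_blank"` link hands the opened page a usable `window.opener`. The sample attribute strings are constructed; the first mirrors the shape of the example response.

```python
"""Check a Reverse Tabnabbing `attributes` string for an unprotected target="_blank".

Added example, not BitSight's own code. The sample strings are constructed.
"""
from html.parser import HTMLParser

# Same shape as the example response: the anchor is protected by rel="noopener".
PROTECTED = 'rel="noopener" href="https://partner.example.net/" class="m-last-foc m-last-foc-main" target="_blank"'
# No rel at all: the opened page can navigate this tab via window.opener.location.
UNPROTECTED = 'href="https://partner.example.net/" target="_blank" class="ext link"'
# noreferrer implies noopener in browsers that follow the HTML spec.
NOREFERRER_ONLY = 'href="https://partner.example.net/" target="_blank" rel="noreferrer"'


class _FirstTag(HTMLParser):
    """Collect the attributes of the first start tag fed to the parser."""

    def __init__(self):
        super().__init__()
        self.attrs = None

    def handle_starttag(self, tag, attrs):
        if self.attrs is None:
            self.attrs = {}
            for k, v in attrs:
                # Duplicate attributes: keep the first, as browsers do.
                self.attrs.setdefault(k.lower(), v if v is not None else "")


def parse_attributes(attributes):
    """Turn the raw attribute string into a {name: value} dict."""
    p = _FirstTag()
    p.feed(f"<a {attributes}></a>")
    p.close()
    return p.attrs or {}


def assess_tabnabbing(attributes):
    """Describe the opener exposure of one anchor.

    The link is exposed when it opens a new browsing context (target="_blank")
    and its rel attribute contains neither noopener nor noreferrer.
    """
    a = parse_attributes(attributes)
    opens_new_context = a.get("target", "").strip().lower() == "_blank"
    rel_tokens = {t.lower() for t in a.get("rel", "").split()}
    protected = bool(rel_tokens & {"noopener", "noreferrer"})
    return {
        "href": a.get("href", ""),
        "opens_new_context": opens_new_context,
        "rel": sorted(rel_tokens),
        "vulnerable": opens_new_context and not protected,
    }


if __name__ == "__main__":
    for sample in (PROTECTED, UNPROTECTED, NOREFERRER_ONLY):
        print(assess_tabnabbing(sample))
```

Current major browsers treat `target="_blank"` anchors as `noopener` by default, so in practice the exposure is limited to older clients; the finding is about the markup, and adding `rel="noopener"` (or `noreferrer`) is still the fix it asks for.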
TLS Errors on Page Resource Fetch
assessmentName = tls_error
Example Response
```json
{
  "certificate": "MIIEPDCCAySgAwIBAg...+oghLrGREt",
  "message": "This site is missing a valid, trusted certificate (net::ERR_CERT_COMMON_NAME_INVALID)."
}
```
Response Attributes
Field | Type | Description
---|---|---
certificate | String | A string representation of the certificate presented by the server.
message | String | A summary of the issue, including the browser's error code (for example, `net::ERR_CERT_COMMON_NAME_INVALID`).
hash | String | The failure reason when validating the Subresource Integrity (`integrity`) attribute present in the HTML element that fetched the resource.
- May 15, 2024: Added resource to Overly Permissive CORS Whitelist response.
- December 12, 2023: Included general finding details; added table of contents.
- August 11, 2023: Published.