Sobelow

Sobelow v0.11.0 Sobelow.Config.CSWH View Source

Cross-Site Websocket Hijacking

Websocket connections are not bound by the same-origin policy. Connections that do not validate the origin may leak information to an attacker.

More information can be found here: https://www.christian-schneider.net/CrossSiteWebSocketHijacking.html

Cross-Site Websocket Hijacking checks can be disabled with the following command:

$ mix sobelow -i Config.CSWH

Link to this section Summary

Functions

check_socket(arg1)
details()
id()
rule()
run(endpoint)

Link to this section Functions

Link to this function

check_socket(arg1) View Source

Link to this function

details() View Source

Link to this function

id() View Source

Link to this function

rule() View Source

Link to this function

run(endpoint) View Source

Keyboard Shortcuts
×
c
Toggle sidebar
n
Toggle night mode
/ or s
Focus search bar
?
Bring up this help dialog