Sobelow v0.7.7 Sobelow.Config.CSWH
Cross-Site Websocket Hijacking
Websocket connections are not bound by the same-origin policy. Connections that do not validate the origin may leak information to an attacker.
More information can be found here: https://www.christian-schneider.net/CrossSiteWebSocketHijacking.html
Cross-Site Websocket Hijacking checks can be disabled with the following command:
$ mix sobelow -i Config.CSWHLink to this section Summary
Link to this section Functions
Link to this function
check_socket(arg1)
Link to this function
details()
Link to this function
run(endpoint)