Sobelow v0.13.0

View Source Sobelow.Config.CSWH (Sobelow v0.13.0)

Cross-Site Websocket Hijacking

Websocket connections are not bound by the same-origin policy. Connections that do not validate the origin may leak information to an attacker.

More information can be found here: https://www.christian-schneider.net/CrossSiteWebSocketHijacking.html

Cross-Site Websocket Hijacking checks can be disabled with the following command:

$ mix sobelow -i Config.CSWH

Link to this section Summary

Functions

check_socket(arg1)
details()
id()
rule()
run(endpoint)

Link to this section Functions

Link to this function

check_socket(arg1)

View Source
Link to this function

details()

View Source
Link to this function

id()

View Source
Link to this function

rule()

View Source
Link to this function

run(endpoint)

View Source