Security Flashcards

1
Q

In computing, the ______-_______-_____ is an important concept in the web application security model.

A

same-origin-policy

2
Q

Under the same-origin-policy, a web browser permits scripts contained in a first web page to access data in a second web page, but only if both web pages have the same origin. This is done to prevent _______.

A

Cross site scripting - XSS.

3
Q

T or F

The same-origin-policy (SOP) is enforced by web browsers and ignored by tools like Postman and curl.

A

True

4
Q

____ is one way the server at the other end (not the client code in the browser) can relax the same-origin-policy.

A

Cross origin resource sharing (CORS)

5
Q

______ is a mechanism that allows restricted resources (e.g., fonts) on a web page to be requested from another domain outside the domain from which the first resource was served.

A

Cross origin resource sharing (CORS)

6
Q

Cross Origin Resource Sharing (CORS)

  • The browser makes an HTTP OPTIONS call for a URL
  • OPTIONS is an HTTP method like GET, PUT, and POST

The server returns a response that says:

“These other domains are approved to GET this URL”

-Error - “Origin policy can’t be read at the remote resource?”

You need to enable CORS on API GW

A

just read the other card.
