Cross-Origin Resource Sharing (CORS)

Definition: A way for a server to tell the browser which other origins are allowed to access its resources.

👉 Example HTTP response header:

Access-Control-Allow-Origin: <https://trusted.com>
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Credentials: true

⚠️ Misconfigurations (very common):

Access-Control-Allow-Origin: * + Access-Control-Allow-Credentials: true

→ Any site can steal cookies/session tokens.

⚡ Pentesting Focus

Test for overly-permissive CORS.
Exploit via malicious JavaScript making authenticated requests on behalf of victim.