We found a match
Your institution may have access to this item. Find your institution then sign in to continue.
- Title
Method Resource Sharing in On-Premises Environment Based on Cross-Origin Resource Sharing and its Application for Safety-First Constructions.
- Authors
Kohei Arai; Kodai Norikoshi; Mariko Oda
- Abstract
The method of resource sharing in an on-premises environment based on Cross-Origin Resource Sharing (CORS) is proposed for security reasons. However, using CORS entails several risks: Cross-Site Request Forgery (CSRF), difficulties in secure configuration, handling credentials, controlling complex requests, and restrictions associated with using wildcards. (1) To mitigate these risks, the following countermeasures are proposed: (2) Use CSRF tokens and the "SameSite" attribute. (3) Minimize preflight requests by allowing only specific origins. (4) Use the "withCredentials" flag or set the "Access-Control-Allow-Credentials" header on the server. (5) Handle custom headers by adding the required headers to CORS settings. (6) Specify a specific origin in the "Access-Control-Allow-Origin" header instead of using wildcards. Additionally, applying CORS for safety-first constructions, which helps raise awareness of dangerous actions in construction fields, is also being explored.
- Subjects
ACCESS control; INTERNET security; JAVASCRIPT programming language; WEB browsers; SEARCH engines
- Publication
International Journal of Advanced Computer Science & Applications, 2024, Vol 15, Issue 5, p670
- ISSN
2158-107X
- Publication type
Article
- DOI
10.14569/ijacsa.2024.0150567