A web application for ordering cat food charges users and places an order when an HTTP GET request is issued to the following URL:
http://www.catsupplies.com/order?brand=xxxxx&quantity=xxxxx
A malicious website could add snippets like this to their site:
<img src="http://www.catsupplies.com/order?brand=xxxxx&quantity=xxxxx">
What would help protect against such attacks, considering that the web application has the CORS policy that only allows requests from the same site?
(Select all acceptable answers.)
Tags
Web Application SecurityWould you like to see our other questions?
We have 1000+ premium hand-crafted questions for 160+ job skills and 20+ coding languages. We prefer questions with small samples of actual work over academic problems or brain teasers.
Visit our question libraryPrivate Concierge
Send us an email with an explanation of your testing needs and a list of candidates. We will create an appropriate test, invite your candidates, review their results, and send you a detailed report.
Contact Private ConciergeWould you like to see our tests? The following tests contain Web Application Security related questions:
On the TestDome Blog
Screening Applicants: The Good, the Bad and the Ugly
Since we’re all biased and we use incorrect proxies, why not just outsource hiring to experts or recruitment agencies? After all, they’ve been screening people for many years, so they must know how to do it right?
Not really. I was surprised to discover that many experts disagree with each other. Everybody praises their pet method and criticizes the others. Many of these methods look legitimate, but are based on...