WebSocket

WebSocket No Origin Check

The WebSocket upgrade handler accepts any `Origin`, so a malicious page can open a chat-room connection on behalf of the logged-in user.

CWE-346
Upgrade audit


Expected Findings

  • Upgrade handler does not validate `Origin`.
  • Cookies are sent on the upgrade, so cross-site pages get authenticated WS.
  • Server does not require a per-connection token.

Signals

Bug
upgrader.CheckOrigin = func(r *http.Request) bool { return true }
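A hardened replacement for the handler above, covering the three expected findings, as an added Go example (not the project's own code; the allowlist value and the ws_token query parameter are assumptions):

```go
package main

import (
	"crypto/subtle"
	"fmt"
	"net/http"
	"net/url"
	"strings"
)

// Allowlist of browser origins permitted to upgrade (constructed for this example).
var allowedOrigins = map[string]bool{"https://chat.example.com": true}

// checkOrigin replaces the `return true` handler with an allowlist check.
// A missing, "null" or malformed Origin is rejected: browsers always send
// Origin on an upgrade, so on a cookie-authenticated endpoint that is safe.
func checkOrigin(r *http.Request) bool {
	u, err := url.Parse(r.Header.Get("Origin"))
	if err != nil || u.Scheme == "" || u.Host == "" {
		return false
	}
	// Scheme and host only, lower-cased: a host that merely starts with
	// the allowed name, or carries userinfo, does not match.
	return allowedOrigins[strings.ToLower(u.Scheme)+"://"+strings.ToLower(u.Host)]
}

// tokenMatches requires a per-connection token (read from the ws_token query
// parameter, an assumed name) equal to the one issued for this session.
func tokenMatches(r *http.Request, issued string) bool {
	got := r.URL.Query().Get("ws_token")
	if got == "" || issued == "" {
		return false
	}
	return subtle.ConstantTimeCompare([]byte(got), []byte(issued)) == 1
}

// allowUpgrade is the decision to make before the session cookie is trusted
// for the socket: both the origin and the token must check out.
func allowUpgrade(r *http.Request, issued string) bool {
	return checkOrigin(r) && tokenMatches(r, issued)
}

func main() {
	r, _ := http.NewRequest("GET", "/ws?ws_token=s3cr3t", nil)
	r.Header.Set("Origin", "https://evil.example")
	fmt.Println("cross-site upgrade allowed:", allowUpgrade(r, "s3cr3t")) // false
}
```

Wire `allowUpgrade` into `upgrader.CheckOrigin` (with the session's issued token in scope) so that the upgrade is refused before any authenticated traffic flows.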