CORS origin False Positives
Almost all CORS misconfiguration notifications are false positive.
If you have checked “Access-Control-Allow-Origin: *”, you will get these false positives.
It needs to be set to “Access-Control-Allow-Credentials: true
Anuj holds professional certifications in Google Cloud, AWS as well as certifications in Docker and App Performance Tools such as New Relic. He specializes in Cloud Security, Data Encryption and Container Technologies.
Anuj Varma – who has written 1220 posts on Anuj Varma, Hands-On Technology Architect, Clean Air Activist.
Leave a Reply