JSON hijacking | GitLab (2024)

Table of Contents
Description Links
  • Description
  • Remediation
  • Links

Description

Checks for JSON data potentially vulnerable to hijacking. This check looks for a GET request that returns a JSON array, which could potentially be hijacked and read by a malicious website.

JSON hijacking allows an attacker to send a GET request via a malicious web site or similar attack vector and utilize a user’s stored credentials to retrieve sensitive or protected data to which that user has access. Since a JSON array on its own is valid JavaScript, a malicious GET request to a resource that returns only a JavaScript array can allow the attacker to use a malicious script to read the data in the array from the request. GET requests should never return a JSON array, even if the resource requires authentication to access. Consider using POST instead of a GET for this request or wrapping the array in a JSON object.

Links

See Also
What Are JSON Injections | Acunetix
See Also
Troubleshooting Common JSON Import ErrorsWhat are the most important API security best practices for JSON web services?How do you secure and encrypt JSON and XML data in web communication?JSON Injection
JSON hijacking | GitLab (2024)
Top Articles
Standard 3: Identify, Mitigate, and Disclose Relevant Financial Relationships - ACCME
How to Level Up or Gain experience?
Rek Funerals
Craigslist Free Stuff Appleton Wisconsin
Mcoc Immunity Chart July 2022
Pickswise the Free Sports Handicapping Service 2023
Farmers Branch Isd Calendar
414-290-5379
The Binding of Isaac
Craigslist Deming
Flower Mound Clavicle Trauma
Apne Tv Co Com
Craigslist In Flagstaff
Las 12 mejores subastas de carros en Los Ángeles, California - Gossip Vehiculos
Charter Spectrum Store
Wbiw Weather Watchers
Puretalkusa.com/Amac
Azur Lane High Efficiency Combat Logistics Plan
Pasco Telestaff
Bento - A link in bio, but rich and beautiful.
Cpt 90677 Reimbursem*nt 2023
Elite Dangerous How To Scan Nav Beacon
Sorrento Gourmet Pizza Goshen Photos
Hefkervelt Blog
City Of Durham Recycling Schedule
Ou Football Brainiacs
The Powers Below Drop Rate
Craigs List Jax Fl
Best Laundry Mat Near Me
49S Results Coral
Davita Salary
Shiftwizard Login Johnston
6143 N Fresno St
Ixl Lausd Northwest
Weekly Math Review Q4 3
All Things Algebra Unit 3 Homework 2 Answer Key
Closest 24 Hour Walmart
Hotels Near New Life Plastic Surgery
Eleceed Mangaowl
Space Marine 2 Error Code 4: Connection Lost [Solved]
Giantess Feet Deviantart
Kelley Blue Book Recalls
One Main Branch Locator
How much does Painttool SAI costs?
Jason Brewer Leaving Fox 25
Htb Forums
Vocabulary Workshop Level B Unit 13 Choosing The Right Word
Bonecrusher Upgrade Rs3
Blippi Park Carlsbad
303-615-0055
Latest Posts
How much does TK pay towards osteopathic treatment? | TK
32 iPhone User Statistics 2024 (Demographics & Revenue)
Article information

Author: Cheryll Lueilwitz

Last Updated:

Views: 5960

Rating: 4.3 / 5 (54 voted)

Reviews: 85% of readers found this page helpful

Author information

Name: Cheryll Lueilwitz

Birthday: 1997-12-23

Address: 4653 O'Kon Hill, Lake Juanstad, AR 65469

Phone: +494124489301

Job: Marketing Representative

Hobby: Reading, Ice skating, Foraging, BASE jumping, Hiking, Skateboarding, Kayaking

Introduction: My name is Cheryll Lueilwitz, I am a sparkling, clean, super, lucky, joyous, outstanding, lucky person who loves writing and wants to share my knowledge and understanding with you.