All language subtitles for 001 An introduction to Same Origin Policy.en

1
00:00:00,660 --> 00:00:01,920
Welcome back to another video.

2
00:00:02,100 --> 00:00:05,580
In this video, we're going to talk about same origin policy.

3
00:00:06,660 --> 00:00:14,280
Browsers are often used as clients to access applications, but in reality, a browser is one of the

4
00:00:14,280 --> 00:00:20,490
most complicated software programs out there. Same origin policy is one of the features that many

5
00:00:20,490 --> 00:00:24,390
browsers support to protect users from a variety of attacks.

6
00:00:25,020 --> 00:00:31,710
Before we discuss same origin policy, it is important to understand what origin is.

7
00:00:32,520 --> 00:00:38,970
When content is loaded from different sources on the Web, browsers should be able to differentiate

8
00:00:38,970 --> 00:00:41,190
between the content from different sources.

9
00:00:42,030 --> 00:00:44,310
This is where origin comes into the picture.

10
00:00:44,850 --> 00:00:52,890
Origin is used to define different parties and draw boundaries between them. More precisely, an

11
00:00:52,890 --> 00:00:56,250
origin is represented as scheme, host, and port.

12
00:00:56,250 --> 00:01:03,900
Scheme refers to the protocol used, for example, HTTP or HTTPS, which we

13
00:01:03,900 --> 00:01:05,460
almost always see.

14
00:01:06,240 --> 00:01:12,520
And the host refers to the domain name, and port refers to the port number configured on the web server.

15
00:01:12,540 --> 00:01:19,110
So if you see the example that is shown on the screen here, there are two domains here which are considered

16
00:01:19,110 --> 00:01:21,210
to be from different origins.

17
00:01:21,540 --> 00:01:29,040
The reason is, in the first domain the scheme is HTTPS, and in the second domain the scheme

18
00:01:29,040 --> 00:01:30,500
is HTTP.

19
00:01:30,990 --> 00:01:34,320
That's one differentiator: if the scheme is different,

20
00:01:34,620 --> 00:01:37,740
these two domains are from two different origins.

21
00:01:38,250 --> 00:01:40,530
Similarly, we can check the host.

22
00:01:41,040 --> 00:01:44,610
The host in the first domain is legit.com.

23
00:01:45,300 --> 00:01:47,640
In the case of the second domain it is evil.com.

24
00:01:47,640 --> 00:01:52,500
legit.com and evil.com are two different domains.

25
00:01:52,860 --> 00:01:56,850
And thus these two domains are from different origins.

26
00:01:57,300 --> 00:02:04,380
Similarly, the port in the first case is 443 by default because we are using HTTPS, and in

27
00:02:04,380 --> 00:02:08,010
the second domain's case the port is 8080.

28
00:02:08,430 --> 00:02:14,760
Once again, these ports can be used to determine if these two domains are from the same origin or not.

29
00:02:15,420 --> 00:02:20,910
Remember, it is enough for one of these three to be different in these two domains.

30
00:02:21,210 --> 00:02:28,320
For instance, http://evil.com:8080 is one domain and http://evil.com:8089

31
00:02:28,320 --> 00:02:31,770
is another domain.

32
00:02:32,160 --> 00:02:38,550
Since the port number in these two domains is different, they are still considered to be from different

33
00:02:38,550 --> 00:02:39,260
origins.

34
00:02:39,750 --> 00:02:42,150
So that's how origin is defined.

35
00:02:42,750 --> 00:02:49,290
Communications between these different origins are generally known as cross origin interactions.

36
00:02:49,980 --> 00:02:55,650
Though cross origin interactions are beneficial, they are also the cause of several attacks.

37
00:02:56,550 --> 00:03:02,760
Some cross origin requests can be potentially dangerous and can cause a change in the state of the remote

38
00:03:02,760 --> 00:03:04,800
server. Cross site request

39
00:03:04,800 --> 00:03:08,670
forgery, or CSRF, is an example of such an attack.

40
00:03:09,360 --> 00:03:17,220
Now that we understand what origin is, let's try to understand the same origin policy. Same origin

41
00:03:17,220 --> 00:03:25,560
policy, or SOP, is a browser level security control which dictates how a document or script served by

42
00:03:25,560 --> 00:03:29,460
one origin can interact with a resource from some other origin.

43
00:03:30,270 --> 00:03:37,080
This ensures that scripts running under one origin cannot read data from another origin.

44
00:03:37,440 --> 00:03:45,450
So by same origin policy, typically cross origin writes are allowed, but cross origin reads are typically

45
00:03:45,450 --> 00:03:46,050
not allowed.

46
00:03:46,680 --> 00:03:48,900
Even when it comes to cross origin writes,

47
00:03:48,900 --> 00:03:54,720
there are some restrictions in certain cases where additional requests will be sent by the browser to

48
00:03:54,720 --> 00:04:00,270
perform things like pre-flight checks, which is typically the case in XMLHttpRequests.

49
00:04:00,870 --> 00:04:06,330
But typically HTML form submissions are allowed by same origin policy.

50
00:04:06,900 --> 00:04:13,260
Now, keeping these concepts in mind, let's try to understand how some of the commonly seen vulnerabilities

51
00:04:13,260 --> 00:04:18,810
like cross site scripting and cross site request forgery are related to same origin policy.

52
00:04:19,240 --> 00:04:21,780
Let's first talk about cross site scripting.

53
00:04:22,380 --> 00:04:29,010
As I mentioned earlier, cross origin reads are typically not allowed. When you try to perform a cross

54
00:04:29,010 --> 00:04:30,090
site scripting attack,

55
00:04:30,330 --> 00:04:36,540
we typically try to execute JavaScript on the target domain and we try to read sensitive information

56
00:04:36,540 --> 00:04:37,410
like cookies.

57
00:04:37,920 --> 00:04:44,730
Now, this is typically not allowed by same origin policy, so you cannot set up an attacker's domain

58
00:04:45,030 --> 00:04:51,900
and execute some JavaScript there in a way that it retrieves the cookies of the victim's website.

59
00:04:52,440 --> 00:04:58,920
And that's exactly the reason why you will have to find a way to execute JavaScript on the victim's website.

60
00:04:59,830 --> 00:05:06,500
That's cross site scripting. So because of the same origin policy, cross site scripting cannot be performed

61
00:05:06,680 --> 00:05:10,210
by executing JavaScript on an attacker controlled domain.

62
00:05:10,900 --> 00:05:17,600
Now, when it comes to CSRF, CSRF is typically performed by submitting a form which can make

63
00:05:17,600 --> 00:05:18,920
some state changes

64
00:05:18,920 --> 00:05:23,690
on the server side. You're not expecting to read any response from the server.

65
00:05:24,440 --> 00:05:27,770
This means we are just required to make a cross origin

66
00:05:27,770 --> 00:05:31,330
write, which is typically allowed by same origin policy.

67
00:05:31,700 --> 00:05:38,270
So when you're conducting a cross site request forgery attack, you can host your payload on an attacker

68
00:05:38,270 --> 00:05:39,330
controlled website.

69
00:05:39,860 --> 00:05:46,090
So this is how cross site scripting and CSRF are related to same origin policy.

70
00:05:46,280 --> 00:05:53,100
So same origin policy is a foundation to understand cross site scripting and cross site request forgery

71
00:05:53,120 --> 00:05:53,690
attacks.
