Question 1

What is cross-site WebSocket hijacking?

Accepted Answer

Cross-site WebSocket hijacking (CSWSH) occurs when a WebSocket endpoint does not validate the Origin header during the handshake. An attacker can create a malicious web page that opens a WebSocket connection to the vulnerable server, reusing the victim's cookies for authentication, and then read or send messages on their behalf.

Question 2

How do I secure WebSocket connections?

Accepted Answer

Validate the Origin header during the WebSocket handshake and reject connections from untrusted origins. Use token-based authentication instead of relying solely on cookies, implement CSRF tokens in the handshake, use wss:// (WebSocket Secure) for encrypted connections, and apply rate limiting to WebSocket messages.

WebSocket Hijacking

Challenges

Frequently Asked Questions