Direkt zum Inhalt
Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post
Über re:Post

Adding localhost to Hosted UI -> callback URLs for testing. Security risks?

0

Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only. In my development environment, which is also used for early user testing to get feedback, I am using http://localhost as well as the development domain. I am using google authentication through cognito. My question is, is there are security risk in having localhost as a callback URL that could give an attacker some ability to pose any risk to my development environment? if so, what is the best way to address this?

Themen
Sicherheit, Identität & KonformitätAWS Well-Architected Framework
Tags
Amazon CognitoSicherheit
Sprache
English
gefragt vor 2 Jahren1351 Aufrufe
1 Antwort
1

Hello.

Although it's not Cognito, there was something like the URL below that explains the security risks of using localhost as the callback URL.
https://community.auth0.com/t/security-risks-of-using-localhost-for-callback-url/118781

EXPERTE
beantwortet vor 2 Jahren
EXPERTE
überprüft vor 2 Jahren
EXPERTE
überprüft vor 2 Jahren
  • CurryLeaf
    vor 2 Jahren

    Thank you but I am looking for an answer specifically in the context of AWS Cognito and how to address any risks in this context. I would appreciate answers from people with knowledge in this area please.

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Relevanter Inhalt