내용으로 건너뛰기
AWS re:Post을(를) 사용하면 다음에 동의하게 됩니다. AWS re:Post 이용 약관
AWS re:Postre:Post
re:Post 소개

Adding localhost to Hosted UI -> callback URLs for testing. Security risks?

0

Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only. In my development environment, which is also used for early user testing to get feedback, I am using http://localhost as well as the development domain. I am using google authentication through cognito. My question is, is there are security risk in having localhost as a callback URL that could give an attacker some ability to pose any risk to my development environment? if so, what is the best way to address this?

주제
보안, 신원 및 규정 준수AWS Well-Architected 프레임워크
태그
아마존 Cognito보안
언어
English
질문됨 2년 전1.3천회 조회
1개 답변
1

Hello.

Although it's not Cognito, there was something like the URL below that explains the security risks of using localhost as the callback URL.
https://community.auth0.com/t/security-risks-of-using-localhost-for-callback-url/118781

전문가
답변함 2년 전
전문가
검토됨 2년 전
전문가
검토됨 2년 전
  • CurryLeaf
    2년 전

    Thank you but I am looking for an answer specifically in the context of AWS Cognito and how to address any risks in this context. I would appreciate answers from people with knowledge in this area please.

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

관련 콘텐츠