Ir para o conteúdo
Ao usar o AWS re:Post, você concorda com os AWS re:Post Termos de uso
AWS re:Postre:Post
sobre o re:Post

Adding localhost to Hosted UI -> callback URLs for testing. Security risks?

0

Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only. In my development environment, which is also used for early user testing to get feedback, I am using http://localhost as well as the development domain. I am using google authentication through cognito. My question is, is there are security risk in having localhost as a callback URL that could give an attacker some ability to pose any risk to my development environment? if so, what is the best way to address this?

Tópicos
Segurança, identidade e conformidadeAWS Well-Architected Framework
Tags
Amazon CognitoSegurança
Idioma
English
feita há 2 anos1,3 mil visualizações
1 Resposta
1

Hello.

Although it's not Cognito, there was something like the URL below that explains the security risks of using localhost as the callback URL.
https://community.auth0.com/t/security-risks-of-using-localhost-for-callback-url/118781

ESPECIALISTA
respondido há 2 anos
ESPECIALISTA
avaliado há 2 anos
ESPECIALISTA
avaliado há 2 anos
  • CurryLeaf
    há 2 anos

    Thank you but I am looking for an answer specifically in the context of AWS Cognito and how to address any risks in this context. I would appreciate answers from people with knowledge in this area please.

Você não está conectado. Fazer login para postar uma resposta.

Uma boa resposta responde claramente à pergunta, dá feedback construtivo e incentiva o crescimento profissional de quem perguntou.

Conteúdo relevante