Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.
In my development environment, which is also used for early user testing to get feedback, I am using http://localhost as well as the development domain. I am using Google authentication through Cognito. My question is: is there a security risk in having localhost as a callback URL that could give an attacker some ability to pose any risk to my development environment? If so, what is the best way to address this?
Thank you, but I am looking for an answer specifically in the context of AWS Cognito and how to address any risks in this context. I would appreciate answers from people with knowledge in this area, please.