跳至內容
使用 AWS re:Post 即表示您同意 AWS re:Post 使用條款
AWS re:Postre:Post
關於 re:Post

Adding localhost to Hosted UI -> callback URLs for testing. Security risks?

0

Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only. In my development environment, which is also used for early user testing to get feedback, I am using http://localhost as well as the development domain. I am using google authentication through cognito. My question is, is there are security risk in having localhost as a callback URL that could give an attacker some ability to pose any risk to my development environment? if so, what is the best way to address this?

主題
安全性、身分識別與合規AWS 架構完善的框架
標籤
Amazon Cognito安全
語言
English
已提問 2 年前檢視次數 1346 次
1 個回答
1

Hello.

Although it's not Cognito, there was something like the URL below that explains the security risks of using localhost as the callback URL.
https://community.auth0.com/t/security-risks-of-using-localhost-for-callback-url/118781

專家
已回答 2 年前
專家
已審閱 2 年前
專家
已審閱 2 年前
  • CurryLeaf
    2 年前

    Thank you but I am looking for an answer specifically in the context of AWS Cognito and how to address any risks in this context. I would appreciate answers from people with knowledge in this area please.

您尚未登入。 登入 去張貼答案。

一個好的回答可以清楚地回答問題並提供建設性的意見回饋,同時有助於提問者的專業成長。

相關內容