Yummy cookies across domains

Last Friday we announced and performed a migration of all GitHub Pages to their own github.io domain. This was a long-planned migration, with the specific goal of mitigating phishing attacks…

Vicent Martí
11 min readadvanced
--
View Original

Overview

The article discusses the migration of GitHub Pages to their own domain, aimed at mitigating phishing attacks and cross-domain cookie vulnerabilities. It explains the risks associated with cookie tossing attacks and the measures taken to enhance security during this transition.

What You'll Learn

1

How to mitigate cookie tossing attacks in web applications

2

Why migrating to a dedicated domain can enhance security

3

When to implement cookie path management strategies

Key Questions Answered

What are cookie tossing attacks and how do they occur?
Cookie tossing attacks exploit the way browsers send cookies in HTTP requests, allowing malicious cookies set in subdomains to be sent to the parent domain. This can lead to session hijacking or user annoyance, as the server cannot distinguish between legitimate and malicious cookies.
How does GitHub mitigate cookie tossing vulnerabilities?
GitHub mitigates cookie tossing vulnerabilities by implementing middleware that checks for duplicate cookies and instructs the browser to drop any subdomain cookies before processing requests. This approach helps ensure that only legitimate session cookies are sent to the server.
What is the impact of cookie overflow attacks?
Cookie overflow attacks exploit browser limits on the number of cookies per domain, allowing attackers to replace legitimate cookies with malicious ones. This can lead to session hijacking as the server cannot differentiate between the original and the forged cookies.
Why is it important to manage cookie paths in web applications?
Managing cookie paths is crucial because malicious cookies set for specific paths can evade deletion attempts if the server only tries to clear cookies at the root path. This can lead to persistent security vulnerabilities if not handled correctly.

Technologies & Tools

Backend
Rack
Used as the web server interface that powers Rails and Sinatra, handling cookie parsing.

Key Actionable Insights

1
Implement middleware to check for duplicate cookies in your web applications to prevent cookie tossing attacks.
This approach allows you to drop any suspicious cookies before they can affect user sessions, enhancing overall security.
2
Consider migrating user-generated content to a dedicated domain to reduce the risk of cross-domain cookie vulnerabilities.
This migration can significantly mitigate phishing risks and improve the security posture of your web applications.
3
Regularly review and manage cookie paths to ensure that malicious cookies cannot persist across different application routes.
By implementing path management strategies, you can prevent attackers from exploiting path-specific cookies that may evade deletion.

Common Pitfalls

1
Assuming that cookies set in subdomains will not affect the parent domain can lead to security vulnerabilities.
This misconception can result in cookie tossing attacks, where malicious cookies can be sent to the parent domain, potentially compromising user sessions.

Related Concepts

Cookie Security
Cross-domain Vulnerabilities
Web Application Security Best Practices