https://youtu.be/DWBUQiaN5ZM

Cookies are usually scoped to a specific domain. If a cookie is scoped to the parent domain, it is sent to every subdomain. This can have security implications if the cookie ends up somewhere it shouldn't be.
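Added example (not from the video or these notes): a small model of browser cookie domain matching (RFC 6265) that shows why a cookie with `Domain=example.com` is attached to requests to every subdomain, while a host-only cookie stays on the host that set it. All hostnames and cookie values are constructed.

```javascript
// Parse the parts of a Set-Cookie header this model cares about: name and Domain.
function parseSetCookie(header) {
  const [pair, ...attrs] = header.split(";").map((s) => s.trim());
  const name = pair.slice(0, pair.indexOf("="));
  let domain = null; // null => host-only cookie (no Domain attribute)
  for (const attr of attrs) {
    const [k, v = ""] = attr.split("=");
    if (k.toLowerCase() === "domain") {
      // Browsers drop a leading dot and lower-case the attribute value.
      domain = v.replace(/^\./, "").toLowerCase();
    }
  }
  return { name, domain };
}

// RFC 6265 domain-match: host equals the domain, or ends with "." + domain,
// so app.example.com matches example.com but otherexample.com does not.
function domainMatches(host, domain) {
  host = host.toLowerCase();
  return host === domain || host.endsWith("." + domain);
}

// Would a cookie stored from a response by `setHost` be sent on a request to `reqHost`?
function cookieSentTo(setCookieHeader, setHost, reqHost) {
  const { domain } = parseSetCookie(setCookieHeader);
  if (domain === null) {
    // Host-only cookie: exact host match only, never sent to subdomains.
    return setHost.toLowerCase() === reqHost.toLowerCase();
  }
  // The browser rejects a Domain attribute the setting host is not within.
  if (!domainMatches(setHost, domain)) return false;
  return domainMatches(reqHost, domain);
}

// Constructed sample: a session cookie issued by www.example.com two ways.
const SCOPED = "session=abc123; Domain=example.com; Secure; HttpOnly";
const HOST_ONLY = "session=abc123; Secure; HttpOnly";

function demo() {
  return {
    scopedToSibling: cookieSentTo(SCOPED, "www.example.com", "app.example.com"), // true: any subdomain gets it
    scopedToLookalike: cookieSentTo(SCOPED, "www.example.com", "otherexample.com"), // false: not a subdomain
    hostOnlyToSibling: cookieSentTo(HOST_ONLY, "www.example.com", "app.example.com"), // false: host-only
    hostOnlySameHost: cookieSentTo(HOST_ONLY, "www.example.com", "www.example.com"), // true
  };
}
```

The practical check for a defender: only widen a cookie with `Domain=` when every current and future subdomain is trusted to receive it; otherwise leave it host-only.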

HTML

[[Pasted image 20240501070654.png]]

Content Sniffing

Always specify the MIME type and encoding


Same origin policy

Message handling is rare but is a place to look for bugs

CORS

A good place to look for vulns

CSRF

Not very common

Referer headers are unreliable

Apps shouldn't change state with GET requests - if they do, CSRF protection is broken for those requests