Fix CVE-2014-4671 by FugiTech · Pull Request #93 · rack/rack-contrib
CVE-2014-4671 describes a reflection attack using JSONP callbacks to cause a trusted domain to return a malicious SWF that can make requests to the trusted domain with the victim's credentials. The attack relies on having control over the first byte of the response, and therefore can be mitigated by prepending valid JavaScript to the response.
A more detailed write-up of the attack and mitigations can be found at http://miki.it/blog/2014/7/8/abusing-jsonp-with-rosetta-flash/
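As an added illustration of the mitigation the description names (example code written here, not the rack-contrib patch): a minimal Rack-style middleware that restricts the callback name to a plain JavaScript identifier path and prefixes every JSONP body with the fixed comment `/**/`, an assumed choice of "valid JavaScript", so the first bytes of the response are never under the caller's control. `SafeJsonp`, `API` and `jsonp_response` are names invented for this example, and it does not need the `rack` gem.

```ruby
require 'json'
require 'uri'

# Added example, not rack-contrib's Rack::JSONP: a Rack-style JSONP wrapper
# whose response can never begin with caller-supplied bytes.
class SafeJsonp
  # Fixed, harmless JavaScript prefix (assumed choice). Because it occupies the
  # first bytes of the body, a SWF parser cannot be tricked into treating the
  # reflected callback as a file header.
  PREFIX = '/**/'.freeze
  # Conservative callback grammar: identifiers joined by dots, nothing else.
  CALLBACK = /\A[A-Za-z_$][\w$]*(\.[A-Za-z_$][\w$]*)*\z/

  def initialize(app)
    @app = app
  end

  def call(env)
    status, headers, body = @app.call(env)
    callback = query_param(env['QUERY_STRING'].to_s, 'callback')
    json_ct = headers['Content-Type'].to_s.start_with?('application/json')
    return [status, headers, body] unless callback && json_ct   # not a JSONP request
    unless CALLBACK.match?(callback)                           # reject odd callback names
      return [400, { 'Content-Type' => 'text/plain' }, ['invalid callback']]
    end

    json = +''
    body.each { |chunk| json << chunk }
    body.close if body.respond_to?(:close)
    wrapped = "#{PREFIX}#{callback}(#{json});"
    headers = headers.merge('Content-Type' => 'application/javascript',
                            'Content-Length' => wrapped.bytesize.to_s)
    [status, headers, [wrapped]]
  end

  private

  # Minimal query-string lookup so the example runs without Rack::Utils.
  def query_param(query, name)
    query.split('&').each do |pair|
      k, v = pair.split('=', 2)
      return URI.decode_www_form_component(v.to_s) if k == name
    end
    nil
  end
end

# Constructed upstream app: answers every request with a small JSON document.
API = lambda { |_env| [200, { 'Content-Type' => 'application/json' }, [JSON.generate(user: 'alice')]] }

# Returns the [status, headers, body] triple for a given query string.
def jsonp_response(query)
  SafeJsonp.new(API).call('QUERY_STRING' => query)
end
```

With `callback=handle` the body becomes `/**/handle({"user":"alice"});`, while a callback such as `alert(1)` is refused with a 400 and a request without a callback passes through untouched.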