Details
Alert ID 90005-1
Alert Type Passive
Status alpha
Risk Informational
CWE 352
WASC 9
Technologies Targeted All
Tags CWE-352
POLICY_PENTEST
WSTG-V42-SESS-05
More Info Scan Rule Help

Summary

Specifies the relationship between request initiator’s origin and target’s origin.

Solution

Ensure that Sec-Fetch-Site header is included in request headers.

Other Info

References

Code

org/zaproxy/zap/extension/pscanrulesAlpha/FetchMetadataRequestHeadersScanRule.java