Fetch from service worker bypasses protection

mjz3 / LeakuidatorPlus

Leakuidator+ helps users to protect themselves against cross-site leaks, a class of vulnerabilities derived from side-channels built into the web platform.

5 stars 2 forks source link

Fetch from service worker bypasses protection #9

Open NDevTK opened 2 years ago

NDevTK commented 2 years ago

The tabId is -1

mjz3 commented 2 years ago

AFAIK the tabId -1 is related to workers. Can you explain why we should protect the requests made by workers?

NDevTK commented 2 years ago

Because there attacker controlled and allow for timing attacks.

mjz3 commented 2 years ago

I am not convinced yet that this will yield to a targeted deanonymization attack. Within the attack page, the trigger is important. Can a worker open a new tab/window by user click? Besides, tab relations are recorded by tab ids. Multiple -1 ids for different workers in relations?