muraenateam / muraena

Muraena is an almost-transparent reverse proxy aimed at automating phishing and post-phishing activities.
https://muraena.phishing.click/
BSD 3-Clause "New" or "Revised" License
910 stars 168 forks

Problem with CORS #70

Closed q2dg closed 2 years ago

q2dg commented 2 years ago

Hello. I want to proxy "faceb00k.com" domain to "www.facebook.com"

I've just modified the "phishing" and "destination" options accordingly (besides "IP" to listen on 0.0.0.0, and the "certificate", "key" and "root" ones to put my custom server certificate, key and CA root certificate). Nothing more.

My problem is that when I navigate to "faceb00k.com" from a browser (DNS-spoofed via manual editing of the /etc/hosts file), I get the "www.facebook.com" page but very ugly, without CSS. Moreover, the login process doesn't work (the returned page says "my request couldn't be processed").

Looking at the network details, it seems to be a CORS problem (see image), but I don't know how to solve it.

Thanks a lot

Screenshot from 2022-03-09 00-27-08

q2dg commented 2 years ago

Well, I've discovered this issue was due to having the "shield" icon (shown in address bar) activated (I'm running Firefox, see https://support.mozilla.org/en-US/kb/trackers-and-scripts-firefox-blocks-enhanced-track for more information)

Anyway, now the Facebook page is seen OK, but when I try to log in, I get the error "Your request couldn't be processed" :-(

Screenshot from 2022-03-09 17-34-05

q2dg commented 2 years ago

Well, I suspect it's not just putting the "phishing" and "destination" options, because Muraena doesn't see any credentials though I'm writing them on Facebook's login web form. Documentation is really scarce... and YouTube videos don't teach anything. I'll close this issue. Thanks

ohpe commented 2 years ago

You're having problems with CORS because you did not instruct Muraena to MiTM also external origins such as static.xx.fbcdn.net.