Web Security for Frontend Devs · Part 25 — Cross-Site WebSocket Hijacking (CSWSH)
Bonus track: the WebSocket handshake carries the victim cookies and the browser never applies CORS to it — so any site can open an authenticated socket if the server skips the Origin check. The mechanism, the defenses, and a live simulator.