Detect the Same-Origin Redirection with a bug in Firefox's CSP Implementation
Summary
A bug in Firefox's CSP implementation, which will be fixed in Firefox 62, provides a way to detect the redirection of any given URL when it is accessed with the victim's Firefox. In practice, OAuth is one of the interesting features that require redirections. Here is a PoC (Fingerprinting with CSP violation) which detects the following points:
- whether you have logged in to Facebook with your Firefox.
- (if you are logged in to FB) whether you have logged in to a site (in this case, foursquare.com, cybozulive.com, www.ikyu.com) with Facebook Login.
It works only with Firefox (<= 61).