I’ll read about HEIST once I find some time, thanks for the pointer.
Rodrigo Rosenfeld Rosas

I’ve got your point. And you are right: when you have a cookie you don’t need CSRF, but combined vulnerability to CRIME + HEIST makes a hacker able to steal the cookie by using CSRF; it’s actually not the kind CSRF usually means, like some POST request changing state, but even using GET requests.

And that was the point where we started our misunderstanding :).

Actually, HEIST brings CSRF to a new level by removing the necessity of being a man in the middle, replacing it with a cross-site request from JS.

Here is an overview of HEIST and here is the complete PDF about how it’s technically done.
