Skip to content

Browser Uploads Egress Tests (DM-WEB)

Validate that browser and application upload flows cannot leak sensitive data (including chunked uploads and direct-IP attempts) when policy denies it.

Objectives

  • Block HTTP form uploads of classified content.
  • Prevent chunked or multi-part upload bypass.
  • Ensure proxy+pinning and fail-closed posture apply during uploads.

Preconditions

  • Apply the following deny-by-default policy:
json
{
  "configuration": {
    "network": {
      "capabilities": { "egressDefaultAction": "deny" }
    },
    "launch": {
      "runtime": {
        "dataMotion": {
          "settings": {
            "clipboard": { "enabled": true, "defaultAction": "deny" },
            "dragDrop": { "enabled": true, "defaultAction": "deny" }
          }
        }
      }
    }
  }
}

Controls Under Test

  • runtime.dataMotion.rules[] (clipboard/drag-drop interactions with browsers)
  • Networking proxy and pinning

Test Scenarios

IDTest ScenarioProcedureExpected Outcome
DM-WEB-01HTTP Upload of Classified File1. Label file as CUI.
2. Attempt upload via web form.
Pass: Upload denied or transformed per policy.
DM-WEB-02Chunked Upload Bypass1. Attempt multiple small chunk uploads.
2. Recombine server-side.
Pass: Rate-limits/denies prevent exfiltration.
DM-WEB-03Direct IP Upload1. Attempt POST to server IP directly.Pass: Denied by egress default deny unless allowed.
DM-WEB-04TLS Pinning/Proxy Outage1. MitM with wrong CA or simulate proxy outage.Pass: Connection fails; no direct fallback.
DM-WEB-05WebSocket Upload Masquerade1. Use Upgrade: websocket to stream file bytes to server.
2. Attempt to bypass HTTP upload controls.
Pass: Denied by proxy/pinning/default-deny; audit shows httpUpgrade: websocket, action: deny.
DM-WEB-06HTTP/3 (QUIC) Upload1. Force HTTP/3 to target endpoint.
2. Attempt file upload.
Pass: Denied; audit captures alpn: "h3"; no fallback to direct path.
DM-WEB-07IPv6 Literal/SNI-less1. Attempt POST to IPv6 literal without SNI.Pass: Denied by SNI/pinning; audit shows sni: null, ip: ....
DM-WEB-08Alternate Ports (8443/9443)1. Attempt upload on non-standard TLS ports.Pass: Denied by default deny; port recorded in audit; no implicit allow.
DM-WEB-09MIME Mismatch1. Set Content-Type: text/plain but send binary .zip.
2. Attempt server accept.
Pass: Denied or transformed per policy; audit notes mismatch/context.
DM-WEB-10Chunked Obfuscation & Rechunk1. After block, vary chunk sizes/out-of-order recombination attempts.
2. Retry with delays to evade rate limits.
Pass: Rate limit and cumulative quota prevent exfiltration; correlated events show cumulative bytes.

Evidence Requirements

  • Audit category: dataMotion and/or network with action, outcome, and classification context when applicable.
  • For transport details include: protocol, alpn (h2/h3), sni, ip, port, proxyUsed, httpUpgrade (when present), pinnedRootRef/pinnedCertRef.
  • For rate limiting include: bytes, cumulativeBytes, rateLimitTriggered.

Example Audit Artifact

json
{
  "timestamp": "2026-01-21T23:55:00Z",
  "category": "network",
  "protocol": "tls",
  "alpn": "h2",
  "httpUpgrade": "websocket",
  "sni": "uploads.example.com",
  "ip": "203.0.113.10",
  "port": 443,
  "proxyUsed": true,
  "pinnedRootRef": "corp-root-2026",
  "action": "deny",
  "outcome": "blocked",
  "reason": "unpinned-endpoint",
  "sessionId": "aa31e2...",
  "appId": "sandbox-browser",
  "siteRef": "prod-us-1"
}

Troubleshooting

  • Confirm the browser inside the sandbox honors proxy enforcement; disable any auto-switching to direct where possible.
  • Validate classification mapping so normalized labels (e.g., CUI) appear for labeled artifacts.
  • For chunked uploads, ensure server-side recombination is observable and audit correlates multiple events when applicable.

Known Limitations & Negative Space

  • These procedures do not cover client-side obfuscation/encryption prior to upload; treat as separate adversarial scenarios.
  • Browser extensions can alter behavior; test with a clean profile unless the extension is in scope.