Open Redirect

This check looks at user-supplied input in query string parameters and POST data to identify where open redirects might be possible.

Summary

This check looks at user-supplied input in query string parameters and POST data to identify where open redirects might be possible. Open redirects occur when an application allows user-supplied input (e.g., http://nottrusted.com) to control an offsite redirect. This is generally a pretty accurate way to find where 301 or 302 redirects could be exploited by spammers or phishing attacks.

For example, an attacker could supply a user with the following link: http://example.com/example.php?url=http://malicious.example.com.

Solution

To avoid the open redirect vulnerability, parameters of the application script/program must be validated before sending 302 HTTP code (redirect) to the client browser. Implement safe redirect functionality that only redirects to relative URI's, or a list of trusted domains

References

Secure Your Startup. Today.

We make your startup secure and compliant by implementing and managing the security controls your customers require.

Get Started

Latest Articles

View All Articles

Vulnerable JS Library

The Vulnerable JS Library is a common security issue that occurs when a web application uses outdated or unpatched JavaScript libraries. Cybercriminals exploit these vulnerabilities to gain access to sensitive data or cause damage to the application.

Vulnerabilities

min read

Referer Exposes Session ID

The 'Referer Exposes Session ID' vulnerability is a type of security flaw that can allow an attacker to hijack a user's session by exploiting the Referer header in HTTP requests.

Vulnerabilities

min read

Navigating GDPR Compliance on AWS

How to secure your AWS environment in compliance with the GDPR?

Mitigations

min read