Why this matters
Allowing unvalidated redirection URLs in HTTP responses can expose users to phishing attacks. Always validate redirection URLs and restrict them to trusted domains.
Check if HTTP request redirections are unvalidated. Allowing arbitrary redirections can expose users to phishing attacks. Recommend validating and restricting URLs.
Allowing unvalidated redirection URLs in HTTP responses can expose users to phishing attacks. Always validate redirection URLs and restrict them to trusted domains.
Side-by-side examples engineers can pattern-match during review.
server.get('/redirect', (request, response) => {
response.redirect(request.query.url); // Noncompliant
});server.get('/redirect', (request, response) => {
if (request.query.url.startsWith("https://www.example.com/")) {
response.redirect(request.query.url);
}
});server.get('/redirect', (request, response) => {
response.redirect(request.query.url); // Noncompliant
});server.get('/redirect', (request, response) => {
if (request.query.url.startsWith("https://www.example.com/")) {
response.redirect(request.query.url);
}
});From the same buckets as this rule.