Unsanitized user input in redirect

• Rule ID: javascript_hapi_open_redirect
• Languages: javascript
• Source: open_redirect.yml

Description

Using unsanitized user input for redirects can make your application vulnerable to phishing attacks. This occurs when user input directly influences the destination of a redirect without any validation, potentially leading to malicious sites.

Remediations

• Do not use unsanitized user input to construct URLs for redirects. This practice can inadvertently lead to phishing attacks.
• Do validate user input by employing a safelist or predefined mapping for URL construction. This ensures that redirects only lead to safe and intended destinations.

  var map = {
    "1": "/planes",
    "2": "/trains",
    "3": "/automobiles",
  }
  
  res.redirect(map[req.body.transport])

References

• OWASP Unvalidated Redirects and Forwards Cheat Sheet

Associated CWE

• CWE-601: URL Redirection to Untrusted Site ('Open Redirect')

OWASP Top 10

• A01:2021 - Broken Access Control

Configuration

To skip this rule during a scan, use the following flag

bearer scan /path/to/your-project/ --skip-rule=javascript_hapi_open_redirect

To run only this rule during a scan, use the following flag

bearer scan /path/to/your-project/ --only-rule=javascript_hapi_open_redirect