# Unsanitized user input in redirect

## Overview

* **Rule ID**: `javascript_express_open_redirect`
* **Applicable Languages**: JavaScript
* **Weakness ID**: CWE-601

## Description

Using unsanitized user input as a redirect destination exposes your application to phishing attacks. The weakness arises when user-controlled input directly determines where a redirect goes without proper validation: an attacker can craft a link that points at your trusted domain but forwards the victim to a malicious site.

## Remediation Guidelines

* **Do not** use unsanitized user input to construct URLs for redirection. This can lead to security vulnerabilities where attackers might exploit the redirect to send users to malicious sites.
* **Do** validate user input by employing a safelist or mapping strategy for constructing URLs. This ensures that only pre-approved destinations are used for redirects, significantly reducing the risk of phishing attacks.

  ```javascript
  const map = {
    "1": "/planes",
    "2": "/trains",
    "3": "/automobiles",
  };

  // Only keys the safelist actually defines are honoured. Checking for an own
  // property keeps unknown keys (which would yield undefined) and inherited
  // ones such as "constructor" from ever reaching res.redirect().
  const destination = Object.hasOwn(map, req.body.transport)
    ? map[req.body.transport]
    : "/";
  res.redirect(destination);
  ```
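The following is an added example, not code from the rule page, showing the two safelist strategies the guideline describes as testable functions: a key-to-path mapping, and a validator for a free-form `returnTo` parameter that only accepts paths on the application's own origin. The origin `https://app.example`, the function names and the `handleTransport` handler are assumptions; the `req`/`res` objects used in the usage call are constructed stand-ins so the code runs without Express.

```javascript
// Added example (not part of the rule page). APP_ORIGIN is an assumed value
// for the application's own origin.
const APP_ORIGIN = "https://app.example";

// Strategy 1: map an opaque key to a pre-approved path. The object is frozen
// so the safelist cannot be extended at runtime.
const TRANSPORT_ROUTES = Object.freeze({
  "1": "/planes",
  "2": "/trains",
  "3": "/automobiles",
});

// Returns the mapped path, or `fallback` when the key is not a string or is
// not an own property of the safelist (so "constructor", "__proto__" and
// array-valued query parameters never select a destination).
function lookupRedirect(key, fallback = "/") {
  if (typeof key !== "string" || !Object.hasOwn(TRANSPORT_ROUTES, key)) {
    return fallback;
  }
  return TRANSPORT_ROUTES[key];
}

// Strategy 2: accept a free-form "returnTo" value only if, after parsing with
// the WHATWG URL parser, it resolves to this application's own origin. Parsing
// (rather than checking that the string starts with "/") is what catches
// scheme-relative inputs such as "//evil.example", backslash variants such as
// "/\evil.example", and non-http schemes such as "javascript:".
function sameOriginPath(raw, fallback = "/") {
  if (typeof raw !== "string" || raw.length === 0 || raw.length > 2048) {
    return fallback;
  }
  let url;
  try {
    // Relative inputs resolve against our own origin; absolute ones keep theirs.
    url = new URL(raw, APP_ORIGIN);
  } catch {
    return fallback;
  }
  if (url.origin !== APP_ORIGIN) {
    return fallback;
  }
  // Hand back a relative path so the redirect never carries a hostname at all.
  return url.pathname + url.search;
}

// Hypothetical Express-style handler (assumed name) wiring the helpers to
// res.redirect(); it works with any object exposing redirect().
function handleTransport(req, res) {
  res.redirect(lookupRedirect(req.body.transport));
}

function handleLogin(req, res) {
  res.redirect(sameOriginPath(req.query.returnTo));
}

// Usage with constructed request/response stand-ins (no Express required).
const sent = [];
const res = { redirect(target) { sent.push(target); } };
handleTransport({ body: { transport: "2" } }, res);            // "/trains"
handleTransport({ body: { transport: "constructor" } }, res);  // "/"
handleLogin({ query: { returnTo: "//evil.example/phish" } }, res); // "/"
handleLogin({ query: { returnTo: "/account?tab=security" } }, res); // "/account?tab=security"
console.log(sent);
```

Both helpers return a relative path rather than the user's original string, so even an accepted value is re-emitted in canonical form; the fallback of `/` keeps an unexpected value from turning into a 500 or an undefined redirect.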

## References

* [**OWASP Unvalidated Redirects and Forwards Cheat Sheet**](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html)
* [**CWE-601: URL Redirection to Untrusted Site ('Open Redirect')**](https://cwe.mitre.org/data/definitions/601.html)
* [**OWASP Top 10: A01:2021 - Broken Access Control**](https://owasp.org/Top10/A01_2021-Broken_Access_Control/)

## Configuration

To omit this rule from a scan, or to set up continuous code-level scanning, use our [**SAST TOOL**](https://scopy.sec1.io/login).
