Unsanitized User input in Redirect HAPI

Overview

• Rule ID: javascript_hapi_open_redirect

• Applicable Languages: Javascript

• Weakness ID: CWE-601

Description

Using unsanitized user input for redirection can expose your application to phishing attacks. This vulnerability arises when user input directly determines the destination of a redirect without proper validation, making it easier for attackers to send users to malicious sites.

Remediation Guidelines

• Do not use unsanitized user input to construct URLs for redirection. This can lead to security vulnerabilities where attackers might exploit the redirect to send users to malicious sites.

• Do validate user input by employing a safelist or mapping strategy for constructing URLs. This ensures that only pre-approved destinations are used for redirects, significantly reducing the risk of phishing attacks.

  Copy

  var map = {
    "1": "/planes",
    "2": "/trains",
    "3": "/automobiles",
  }
  
  res.redirect(map[req.body.transport]);
  

References

• OWASP Unvalidated Redirects and Forwards Cheat Sheet

• CWE-601: URL Redirection to Untrusted Site ('Open Redirect')

• OWASP Top 10: A01:2021 - Broken Access Control

Configuration

To omit this rule during a scan, and to provide you with continuous 24/7 code-level scanning, you can employ our SAST TOOL