# Unsanitized user input in redirect

## Overview

* **Rule ID**: `javascript_lang_open_redirect`
* **Applicable Languages**: Javascript
* **Weakness ID**: CWE-601

## Description

Using unsanitized user input in redirects increases the risk of phishing attacks. This vulnerability arises when an application dynamically redirects users to a URL that includes user-controlled input without adequate validation or sanitization.

## Remediation Guidelines

* **Do not** use user input directly in redirect URLs. This can result in phishing attacks where attackers redirect users to malicious sites.
* **Do** validate and sanitize all user input used in redirects. Ensure that the destination URLs are safe and legitimate. Use a whitelist of allowed URLs whenever possible.
* **Do** implement server-side redirection methods that prevent user input from directly determining the destination. This ensures that the application maintains control over the redirect targets.

## References

* [**OWASP Unvalidated Redirects and Forwards Cheat Sheet**](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html)
* [**CWE-601: URL Redirection to Untrusted Site ('Open Redirect')**](https://cwe.mitre.org/data/definitions/601.html)
* [**OWASP Top 10: A01:2021 - Broken Access Control**](https://owasp.org/Top10/A01_2021-Broken_Access_Control/)

## Configuration

To omit this rule during a scan, and to provide you with continuous 24/7 code-level scanning, you can employ our [**SAST TOOL**](https://scopy.sec1.io/login)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.sec1.io/user-docs/4-sast/3-javascript/unsanitized-user-input-in-redirect-lang.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.