URL redirection to untrusted site (open redirect)
Description
This site was found to allow open redirects from user-supplied input. Open redirects are commonly abused in phishing attacks: the link a victim sees carries the legitimate domain, but the application then redirects the user to a site the attacker controls. An example would be https://example.com/redirect?url=https://%62%61%64%2e%63%6f%6d%2f%66%61%6b%65%6c%6f%67%69%6e which, when percent-decoded, turns into https://bad.com/fakelogin. Percent-encoding the target hides the attacker's domain from anyone reading the link, while the browser and server decode it as usual.
Remediation
Never redirect a client to a destination taken from user input, such as a URL in a GET parameter. It is recommended that the list of target links to redirect a user to is held server side and retrieved using a numerical value as an index. For example, /redirect?id=1 would cause the application to look up index 1 and return a URL such as https://example.com. This URL would then be used to redirect the user, using the 301 response code and Location header. A request whose id is not an integer, or is not present in the list, should be rejected rather than falling back to anything supplied in the request. Note that browsers cache a 301 response; if a mapping may change later, a 302 or 303 avoids serving the stale destination.
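The remediation as working code, added here as an illustration; it is not part of GitLab's DAST checks or of this page's original content. To stay framework-free and runnable offline, a "response" is just a (status, headers, body) tuple. The handler names, the ALLOWED_REDIRECTS table (the page only shows id=1 resolving to https://example.com) and the sample request URLs are assumptions; the vulnerable ?url= handler is shown beside the fixed ?id= handler so the difference is visible:

```python
"""Open redirect: the vulnerable ?url= handler beside the allowlist-by-index fix.

Added example, not code from GitLab or this page. Framework-free so it runs
offline: a "response" is just a (status, headers, body) tuple. Handler names,
the ALLOWED_REDIRECTS table and the sample request URLs are assumptions.
"""
from urllib.parse import parse_qs, urlsplit

# Constructed sample request, built from the encoded URL in the Description.
# The percent-encoded value decodes to https://bad.com/fakelogin, so the link
# appears to stay on example.com until the browser follows the redirect.
ENCODED_REQUEST = (
    "https://example.com/redirect?url="
    "https://%62%61%64%2e%63%6f%6d%2f%66%61%6b%65%6c%6f%67%69%6e"
)


def query_param(request_url, name):
    """Return the first, percent-decoded value of a query parameter, or None."""
    values = parse_qs(urlsplit(request_url).query).get(name)
    return values[0] if values else None


def vulnerable_redirect(request_url):
    """The flaw: whatever the caller put in ?url= is copied into Location."""
    target = query_param(request_url, "url")
    if target is None:
        return (400, {}, "missing url parameter")
    return (301, {"Location": target}, "")


# Remediation: destinations live server side and are chosen by a numeric index.
# Hypothetical table; the page only shows id=1 resolving to https://example.com.
ALLOWED_REDIRECTS = {
    1: "https://example.com",
    2: "https://example.com/login",
    3: "https://docs.example.com/",
}


def safe_redirect(request_url):
    """Accept only an integer id that exists in the table; never echo a URL."""
    raw_id = query_param(request_url, "id")
    try:
        redirect_id = int(raw_id)  # None -> TypeError, "https://..." -> ValueError
    except (TypeError, ValueError):
        return (400, {}, "invalid redirect id")
    target = ALLOWED_REDIRECTS.get(redirect_id)
    if target is None:
        # Reject, rather than fall back to anything taken from the request.
        return (404, {}, "unknown redirect id")
    return (301, {"Location": target}, "")


if __name__ == "__main__":
    print("decoded url parameter :", query_param(ENCODED_REQUEST, "url"))
    print("vulnerable handler    :", vulnerable_redirect(ENCODED_REQUEST))
    print("fixed, id=1           :", safe_redirect("https://example.com/redirect?id=1"))
    print("fixed, id=99          :", safe_redirect("https://example.com/redirect?id=99"))
    print("fixed, id=https://bad.com :",
          safe_redirect("https://example.com/redirect?id=https://bad.com"))
```

With the encoded request from the Description, vulnerable_redirect emits Location: https://bad.com/fakelogin, while safe_redirect answers 400 to any id that is not an integer and 404 to any integer missing from the table, so the only reachable destinations are the ones the server defines.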
Details
| ID | Aggregated | CWE | Type | Risk |
|---|---|---|---|---|
| 601.1 | true | 601 | Passive | Low |