Off-site Redirect

ID

off_site_redirect

Severity

critical

Kind

Redirect

CWE

601

Description

Open redirects are one of the OWASP 2010 Top Ten vulnerabilities. This check looks at user-supplied input in query string parameters and POST data to identify where open redirects might be possible. Open redirects occur when an application allows user-supplied input (e.g. https://nottrusted.com) to control an off-site destination. This is generally an accurate way to find where 301 or 302 redirects could be abused by spammers or in phishing attacks.

For example an attacker could supply a user with the following link: https://example.com/example.php?url=https://malicious.example.com.

For the purposes of the passive check, the authority portions of the origin URL and the redirect destination were compared. Manual testing may be required to validate the impact of this finding.

Rationale

Unvalidated redirects enable phishing attacks by allowing attackers to craft legitimate-looking URLs that redirect users to malicious sites. Users trust links starting with a known domain, so a URL like https://trusted-bank.com/redirect?url=https://attacker.com appears legitimate in emails or messages. Attackers exploit this trust to steal credentials, distribute malware, or conduct social engineering attacks. This vulnerability is particularly effective because security-aware users who verify URLs before clicking will see the trusted domain and may not notice the redirect parameter.

Remediation

To avoid the open redirect vulnerability, the parameters the application script/program uses to build a redirect must be validated before a 302 HTTP (redirect) response is sent to the client browser. Implement safe redirect functionality that only redirects to relative URIs or to hosts on a list of trusted domains.
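The following is an added example (not part of this check's own code) showing both sides of the finding: a passive detector that compares the authority of the request origin with the resolved Location destination, as the description above outlines, and a hardened redirect validator implementing the remediation (relative URIs or an allowlist of trusted hosts). The trusted host set and the sample URLs are constructed for illustration; it assumes Python 3 with only the standard library.

```python
from urllib.parse import urlsplit, urljoin

# Constructed allowlist: exact hostnames this application may redirect to.
TRUSTED_HOSTS = {"example.com", "www.example.com"}


def normalize(url: str) -> str:
    """Browsers treat backslashes as forward slashes, so "/\\evil.example"
    is really "//evil.example" (a scheme-relative URL). Normalise before parsing."""
    return url.strip().replace("\\", "/")


def is_offsite(request_url: str, location: str) -> bool:
    """Passive check: resolve the Location header against the request URL and
    report True when the destination authority differs from the origin's."""
    dest = urljoin(request_url, normalize(location))
    return urlsplit(dest).netloc.lower() != urlsplit(request_url).netloc.lower()


def is_safe_redirect(target: str, trusted_hosts=TRUSTED_HOSTS) -> bool:
    """Remediation: accept only same-site relative paths or https URLs whose
    hostname is exactly in the allowlist. Everything else is rejected."""
    target = normalize(target)
    # CR/LF or other control characters could split the Location header.
    if any(ord(c) < 0x20 for c in target):
        return False
    parts = urlsplit(target)
    if parts.scheme == "" and parts.netloc == "":
        # Relative URI. Require a single leading slash: "//" (or "///", which
        # browsers also treat as scheme-relative) would leave the site.
        return target.startswith("/") and not target.startswith("//")
    # Absolute URL: https only (no downgrade, no javascript:/data: schemes),
    # and the hostname must match exactly. urlsplit().hostname lowercases and
    # strips userinfo, so "https://example.com@evil.example/" yields "evil.example".
    return parts.scheme == "https" and parts.hostname in trusted_hosts


if __name__ == "__main__":
    origin = "https://example.com/example.php?url=https://malicious.example.com"
    print("off-site:", is_offsite(origin, "https://malicious.example.com"))
    for candidate in ["/account?tab=1", "//evil.example/", "/\\evil.example",
                      "https://example.com@evil.example/", "https://www.example.com/"]:
        print(f"{candidate!r:40} safe={is_safe_redirect(candidate)}")
```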