Skip to content
This repository has been archived by the owner on Sep 11, 2019. It is now read-only.

[Feature request] Open redirect #95

Open
tristandostaler opened this issue Dec 12, 2017 · 1 comment
Open

[Feature request] Open redirect #95

tristandostaler opened this issue Dec 12, 2017 · 1 comment

Comments

@tristandostaler
Copy link

I think it could be interesting to have an analyser that detects potential open redirect.
@bchurchill
Copy link

bchurchill commented Jan 23, 2018
edited
Loading

I know this can happen if an untrusted input flows into Response.Redirect() or Server.Transfer(). That alone should be pretty straightforward to add (if I understand correctly -- and I may not since I'm really new to this project -- it just means adding to sinks.yml). Are there others on the server side that you know of?

@bchurchill bchurchill mentioned this issue Jan 23, 2018
Open
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bchurchill @tristandostaler