Open redirection

オープンリダイレクトについて。

Open redirection (reflecteed) - PortSwigger

オープンリダイレクトとは

Open redirection vulnerabilities arise when an application incorporates user-controllable data into the target of a redirection in an unsafe way. An attacker can construct a URL within the application that causes a redirection to an arbitrary external domain. This behavior can be leveraged to facilitate phishing attacks against users of the application.

オープンリダイレクトを利用することで、フィッシングが容易になるわけだ。

対策

  • Remove the redirection function from the application, and replace links to it with direct links to the relevant target URLs.
  • Maintain a server-side list of all URLs that are permitted for redirection. Instead of passing the target URL as a parameter to the redirector, pass an index into this list.