Back

External redirection

By
Rejah Rehim
Published on
02 Jul 2022
1 min read

URL redirection is forwarding a user from one page to another page. There are basically two types of redirection:-

  • Internal Redirection: Forwarding to internal pages.
  • External Redirection: Forwarding to external pages (Other domains).

There are many servers that are vulnerable to external redirection where an application incorporates user-controllable data into the target of a redirection in an insecure way. An attacker can construct a URL within the application that causes a redirection to any random external domain.

Example

The following are the examples of redirection:-

        Please follow <a href="http://www.sashsite.com/">this link</a>. // Manual redirect

Server side scripting

        header('HTTP/1.1 301 Moved Permanently');
        header('Location: http://www.example.com/');
        exit();

Javascript

        window.location='http://www.example.com/'

Impact

The attacker can do the following impacts:-

  • Execute malicious code
  • Unstable the web application
  • Remote Command Execution

Mitigation / Precaution

This vulnerability can be fixed by:-

  • Removing the redirection function from the application
  • Replacing the links with direct links to relevant target URLs.
  • Maintaining a server-side list of all URLs that are permitted for redirection.
Automated human-like penetration testing for your web apps & APIs
Teams using Beagle Security are set up in minutes, embrace release-based CI/CD security testing and save up to 65% with timely remediation of vulnerabilities. Sign up for a free account to see what it can do for you.
Product tour
Written by
Rejah Rehim
Rejah Rehim
Co-founder, Director
Find website security issues in a flash
Improve your website's security posture with proactive vulnerability detection.
Free website security assessment
Experience the power of automated penetration testing & contextual reporting.
Product tour