Redirection from HTTP to HTTPS to a different host preventing HSTS

Nash N Sulthan

Published on

05 Jun 2022

1 min read

Client Side URL Redirect

HSTS

The most effective way to redirect network traffic is to use a permanent redirection. This way, search engines and users can easily redirect to the website under HTTPS from an HTTP request. In many cases, this technique cannot guarantee safe traffic for your users. Redirection from HTTP to HTTPS can be abused by attackers for phishing attacks and can be redirected to a different host without any proper validation of user parameter by preventing HTTP Strict Transport Security. HSTS is a web security that ensures a secure connection between a server and its client.

Impact

Using this vulnerability, an attacker can:-

redirect the user to a malicious site to steal information/data.
show the end users some false data which will, in turn, affect the credibility of the website.

Mitigation / Precautions

According to Beagle, a secure connection can be achieved by using a response header field named Strict-Transport-Security.

        Strict-Transport-Security: max-age=31539000

A universal and straightforward technique is to configure the server to redirect to HTTPS. By this technique, when the server sends HTTPS to the client. The client sends HSTS and other attributes to the server. The initial response is always unsure/unsafe.

        Strict-Transport-Security: max-age=31536000; includeSubDomains

The above code sets all the subdomain connections as secure.

Automated human-like penetration testing for your web apps & APIs

Teams using Beagle Security are set up in minutes, embrace release-based CI/CD security testing and save up to 65% with timely remediation of vulnerabilities. Sign up for a free account to see what it can do for you.

Product tour

Written by