This repository has been archived by the owner on Nov 28, 2023. It is now read-only.

Next links can be misused #42

Open
stuartmscott opened this issue Mar 2, 2022 · 0 comments
Labels: bug (Something isn't working)

Comments

@stuartmscott (Member)

Next links (like '/sign-in?next=%2Faccount') can be misused to redirect users to another page (e.g. '/sign-in?next=%2F%2Fstripe.com').

Options:

  1. Whitelist next values - though this will get tricky (e.g. /sign-in?next=%2Freply with conversation and message id)
  2. Strip double forward slash from next values to prevent redirect to another site - though this doesn't stop redirects to other parts of Convey
  3. Store next value in an encrypted cookie

(cc @Kostadin)
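A stricter form of option 2, as an added Go example that is not part of Convey or this issue (the language, the function name `safeNext` and the sample values are assumptions): instead of only stripping `//`, it parses the `next` value and accepts it only when it is a same-origin absolute path, rejecting absolute URLs, scheme-relative `//host` values and backslash variants that some browsers normalise to slashes. As the issue notes for option 2, this still permits redirects to any other page within the same site.

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// safeNext validates a decoded "next" query value and returns a same-origin
// path to redirect to, or fallback when the value is not safe.
// Assumed example code, not Convey's own.
func safeNext(raw string, fallback string) string {
	if raw == "" {
		return fallback
	}
	// Reject backslashes anywhere: "/\evil.example" is treated as
	// "//evil.example" by some browsers.
	if strings.Contains(raw, "\\") {
		return fallback
	}
	u, err := url.Parse(raw)
	if err != nil {
		return fallback
	}
	// Any scheme, host or userinfo means the target is not this origin.
	// url.Parse("//stripe.com") yields Host == "stripe.com", so the
	// scheme-relative case from the issue is caught here.
	if u.Scheme != "" || u.Host != "" || u.User != nil {
		return fallback
	}
	// Must be an absolute path on this origin and not protocol-relative.
	if !strings.HasPrefix(u.Path, "/") || strings.HasPrefix(u.Path, "//") {
		return fallback
	}
	// Rebuild from validated parts only; the query is kept so that
	// "/reply?conversation=...&message=..." survives, fragments are dropped.
	out := url.URL{Path: u.Path, RawQuery: u.RawQuery}
	return out.String()
}

func main() {
	// Constructed sample values based on the ones quoted in the issue.
	for _, v := range []string{"/account", "//stripe.com", "https://stripe.com", "/\\stripe.com", "/reply?conversation=1&message=2"} {
		fmt.Printf("%-35q -> %q\n", v, safeNext(v, "/"))
	}
}
```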

@stuartmscott stuartmscott added the bug Something isn't working label Mar 2, 2022