swift/ql/src/queries/Security/CWE-020
3737 <p >
3838
3939 The following example code checks that a URL redirection
40- will reach the <code >example.com</code > domain, or one of its
41- subdomains, and not some malicious site.
40+ will reach the <code >example.com</code > domain, and not
41+ some malicious site.
4242
4343 </p >
4444
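Review bot: the reworded sentence at 40+/41+ now says the redirect should reach "the example.com domain", while the bypass string introduced later in this same diff embeds http://www.example.com/; the host the check is meant to accept should be named consistently in both places (for instance "the www.example.com host", if that is what the example code matches). With "or one of its subdomains" dropped, a reader can no longer tell from this paragraph whether www.example.com is intended to pass the check.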
4747 <p >
4848
4949 The check with the regular expression match is, however, easy to bypass. For example
50- by embedding <code >http://example.com/</code > in the query
51- string component: <code >http://evil-example.net/?x=http://example.com/</code >.
52-
50+ by embedding <code >http://www.example.com/</code > in the query
51+ string component: <code >http://evil-example.net/?x=http://www.example.com/</code >.
5352 Address these shortcomings by using anchors in the regular expression instead:
5453
5554 </p >
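Review bot: the updated bypass string at 50+/51+ only demonstrates the flaw if the example's regular expression (not part of this diff) searches for www.example.com rather than example.com; please confirm the pattern in the accompanying Swift snippet matches the new text. Separately, the unchanged line 49 reads as a sentence fragment ("For example by embedding ..."); suggest "For example, an attacker can bypass it by embedding <code>http://www.example.com/</code> in the query string component: ...".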
6968 </example >
7069
7170 <references >
72- <li >MDN: <a href =" https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Regular_Expressions" >Regular Expressions</a ></li >
7371 <li >OWASP: <a href =" https://www.owasp.org/index.php/Server_Side_Request_Forgery" >SSRF</a ></li >
7472 <li >OWASP: <a href =" https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html" >XSS Unvalidated Redirects and Forwards Cheat Sheet</a >.</li >
7573 </references >
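Review bot: removing the MDN JavaScript regular-expression reference at 72- is appropriate for a Swift query, but the remaining list then cites nothing about regular expressions even though the recommended fix in the text ("use anchors in the regular expression") depends on them; consider a Swift or Foundation regular-expression reference in its place. Also, in the unchanged line 74, the link text "XSS Unvalidated Redirects and Forwards Cheat Sheet" carries a stray "XSS" prefix (the linked page is the "Unvalidated Redirects and Forwards Cheat Sheet") and a trailing period that the other two items lack.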