Nuxeo Web UI / WEBUI-1511

Own Code Static Scan: Open Redirect


    Details

    • Type: Bug
    • Status: In Progress
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 3.0.x, 3.1.x
    • Fix Version/s: 3.0.x, 3.1.x
    • Component/s: Web UI

      Description

      MEDIUM - 1 Findings
      CWE 601 URL Redirection to Untrusted Site ('Open Redirect')

      Flaw Category: Insufficient Input Validation

      Description: A web application accepts untrusted input that specifies a link to an external site and uses that link to generate a redirect. This enables phishing attacks.

      Remediation: Always validate untrusted input to ensure that it conforms to the expected format, using centralized data validation routines when possible. Check the supplied URL against a whitelist of approved URLs or domains before redirecting.

      See the attached screenshot for the code details in Web UI.


      AC (acceptance criteria)

      • URLs are sanitized before being used in a redirect
      • A nuxeo.conf property can be configured to set up an allowlist of domains Web UI can redirect to
        • the property is called nuxeo.web.ui.trustedDomains
        • the property takes a list of domains separated by commas, e.g. domain1,domain2
      • when the value is empty / not configured, all domains are considered allowed
      • when the value is filled in, Web UI only allows redirects to the external domains that have been configured
        • subdomains of domains in the list are allowed as well (e.g., I don't have to configure both nuxeo.com and www.nuxeo.com, only nuxeo.com, to allow both)
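The allowlist rule above, as an added example that is not Nuxeo's own code: it parses a nuxeo.web.ui.trustedDomains value and decides whether a redirect target may be followed. The property format and the empty-means-all / subdomain rules come from the criteria above; the function names, the same-origin handling, the http/https restriction and the sample hosts (`app.example.com`, `notnuxeo.com`) are assumptions constructed for this example.

```javascript
// Added example (not Nuxeo's own code) implementing the WEBUI-1511 allowlist rule.
// Assumptions: relative targets stay on the current origin and are allowed; only
// http/https targets are ever followed; unparsable targets are refused.

// Parse the comma-separated nuxeo.web.ui.trustedDomains value into a clean list.
function parseTrustedDomains(propertyValue) {
  if (!propertyValue) return [];
  return propertyValue
    .split(",")
    .map((d) => d.trim().toLowerCase().replace(/^\.+/, ""))
    .filter((d) => d.length > 0);
}

// True when host is the domain itself or a subdomain of it. The "." in the suffix
// check is the point: a bare endsWith("nuxeo.com") would also accept notnuxeo.com.
function hostMatchesDomain(host, domain) {
  return host === domain || host.endsWith("." + domain);
}

// Decide whether `target` may be used as a redirect location.
//  - same-origin targets (including relative paths) are allowed
//  - an empty / unconfigured allowlist allows every domain, as the ticket states
//  - otherwise the target host must match one of the configured domains
function isRedirectAllowed(target, propertyValue, currentOrigin) {
  let url;
  try {
    url = new URL(target, currentOrigin); // resolves relative and protocol-relative targets
  } catch (e) {
    return false; // unparsable target: never redirect
  }
  if (url.protocol !== "http:" && url.protocol !== "https:") return false;
  if (url.origin === currentOrigin) return true;
  const trusted = parseTrustedDomains(propertyValue);
  if (trusted.length === 0) return true;
  // url.hostname ignores any userinfo, so "https://nuxeo.com@other.test" checks other.test
  const host = url.hostname.toLowerCase();
  return trusted.some((domain) => hostMatchesDomain(host, domain));
}
```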
