Commit
Added check for illegal HTTP header value in redirect_to
The set of legal characters for an HTTP header value is described in https://datatracker.ietf.org/doc/html/rfc7230#section-3.2.6. This commit adds a check to redirect_to that ensures the provided URL does not contain any of the illegal characters. Downstream consumers of the resulting Location response header may remove the header if it does not comply with the RFC. This can result in a cross site scripting (XSS) vector by allowing for the redirection page to sit idle waiting for user interaction with the provided malicious link. [CVE-2023-28362]
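As an added example, not the commit's own code, the following Ruby snippet implements the RFC 7230 section 3.2.6 field-value rule the commit message cites: it rejects a redirect target before it can become a Location header that a downstream proxy or client might drop. The function names and the `safe_redirect_location` stand-in are assumed for illustration and are not the framework's API.

```ruby
# Added example (not the commit's own code): validate a redirect target against
# the RFC 7230 section 3.2.6 field-value grammar before it becomes a Location
# header value.
#
#   field-value   = *( field-content / obs-fold )
#   field-content = field-vchar [ 1*( SP / HTAB ) field-vchar ]
#   field-vchar   = VCHAR / obs-text     ; VCHAR = %x21-7E, obs-text = %x80-FF
#
# Every octet that is not VCHAR, obs-text, SP or HTAB is therefore illegal:
# the C0 control characters other than HTAB (0x00-0x08, 0x0A-0x1F) and DEL
# (0x7F). CR and LF fall in that range, which is what makes the check matter:
# a value carrying them is no longer a single header field.
ILLEGAL_HEADER_VALUE_CHARS = /[\x00-\x08\x0A-\x1F\x7F]/

# True when the value contains an octet RFC 7230 does not allow in a header
# field value. The check runs on the raw bytes (String#b) so that multi-byte
# UTF-8 sequences, which are obs-text octets, are accepted rather than
# mis-decoded.
def illegal_header_value?(value)
  value.to_s.b.match?(ILLEGAL_HEADER_VALUE_CHARS)
end

# Hypothetical stand-in for a framework's redirect helper (assumed name, not a
# real API): returns the Location value it would emit, or raises ArgumentError
# rather than producing a header a downstream consumer may remove or mangle.
def safe_redirect_location(url)
  if illegal_header_value?(url)
    raise ArgumentError, "Unsafe redirect: illegal character in Location value"
  end
  url
end

# Constructed sample inputs, for a stand-alone run.
if __FILE__ == $PROGRAM_NAME
  [
    "https://example.test/ok",          # plain URL, accepted
    "https://example.test/caf\u00e9",   # non-ASCII path, accepted as obs-text
    "https://example.test/\r\nX: 1",    # CR/LF present, rejected
    "https://example.test/\x00"         # NUL present, rejected
  ].each do |candidate|
    verdict = illegal_header_value?(candidate) ? "reject" : "accept"
    puts "#{verdict}: #{candidate.inspect}"
  end
end
```

The check is deliberately byte-based: validating on a decoded String would let a broken or mis-labelled encoding hide a control octet, and the server writes bytes onto the wire regardless of the Ruby-side encoding tag.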
1 parent f09dc7c, commit 1c3f93d
Showing 2 changed files with 37 additions and 1 deletion.