Open Redirection Vulnerability #731
From bhati.fe..._at_gmail.com on September 30, 2014 21:53:11

Sorry, I forgot to mention other information. Here it is.

What is the expected output? What do you see instead?
The expected output is to prevent users from being redirected to another domain. But

What version of the product are you using? On what operating system?
Please provide any additional information below.
From bhati.fe..._at_gmail.com on October 17, 2014 03:48:38

More update on this issue: http://127.0.0.1:8000/user/logout?_next=http://attacker.com
This is the clear open redirection vulnerability which I found recently.
Any acknowledgement for reporting this?
Would it be enough to check for "http(s)" in _next and not redirect at all in case it's found?
Actually, there's a whole machinery to prevent open redirections in login() but not in logout(). We should extend that machinery to logout() too.
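One way to implement the kind of check the comment above asks for, as an added example that is not web2py's own login() machinery: a helper that accepts a _next value only when it names a path on this site (or an explicitly whitelisted host), so a value like the http://attacker.com one reported above falls back to a default page. The names ALLOWED_HOSTS, is_safe_redirect and resolve_next, and the sample inputs, are assumptions made for this illustration.

```python
from urllib.parse import urlsplit

# Example helper (added here; not web2py's own code) that a logout() handler
# could run on the _next parameter before redirecting. ALLOWED_HOSTS is a
# hypothetical whitelist of hosts the site is willing to send users to.
ALLOWED_HOSTS = {"127.0.0.1:8000"}


def is_safe_redirect(target, allowed_hosts=ALLOWED_HOSTS):
    """Return True only if target is a path on this site or an allowed host."""
    if not isinstance(target, str) or not target.strip():
        return False
    # Browsers discard tabs and newlines inside URLs and treat backslashes
    # like forward slashes, so normalise the same way before parsing.
    cleaned = target.strip()
    for ch in "\t\r\n":
        cleaned = cleaned.replace(ch, "")
    cleaned = cleaned.replace("\\", "/")
    parts = urlsplit(cleaned)
    if parts.scheme or parts.netloc:
        # Absolute URL: allow only http(s) to an explicitly whitelisted host,
        # which rejects other domains and non-HTTP schemes alike.
        return parts.scheme in ("http", "https") and parts.netloc in allowed_hosts
    # No scheme and no host: insist on exactly one leading slash so the
    # value can only be interpreted as a path on this site.
    return cleaned.startswith("/") and not cleaned.startswith("//")


def resolve_next(target, default="/"):
    """Return target if it passes the check, otherwise the default page."""
    return target if is_safe_redirect(target) else default


if __name__ == "__main__":
    # Constructed sample inputs, including the value from the report above.
    for sample in ["/user/profile", "http://attacker.com",
                   "http://127.0.0.1:8000/user", "//example.org", ""]:
        print(repr(sample), "->", resolve_next(sample))
```

A substring check for "http" is weaker than parsing: it says nothing about scheme-less, host-bearing values or non-HTTP schemes, whereas urlsplit exposes the scheme and netloc directly so the decision can be made on those fields.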
And by the way, why not make it reusable for users to help them manage

On Thu, Jan 29, 2015 at 4:08 PM, niphlod notifications@github.com wrote:
From bhati.fe..._at_gmail.com on October 01, 2014 06:46:01

Issue - Open Redirection To Any Domain
Dependency - For successful redirection we need the administration password
Only unauthenticated users are affected. If a user is already authenticated on web2py then he will not get redirected. Apart from this, users who are not authenticated, like "End Users", will get redirected successfully.
Severity - Medium (according to me) =D Correct me if I am wrong
Tested On - web2py Tester version from the official site
Reported By - Narendra Bhati

Here I have tested this issue on the Tester version provided by the web2py official site.

What steps will reproduce the problem?
1. http://127.0.0.1:8000/admin/default/index?password=sumasoft123&send=http%3A%2F%2Fgoogle.com
(successful redirection tested on the "Tester" version of web2py, latest version)
2. Replace the password parameter value with your administration password
3. After replacing the valid password, enter any domain and you will get redirected

What is the expected output? What do you see instead?
What version of the product are you using? On what operating system?
Please provide any additional information below.

Original issue: http://code.google.com/p/web2py/issues/detail?id=1992