You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
A common suggestion for checking whether a URL is safe to redirect to (found, for example, on StackOverflow) is to parse it and check that the netloc is empty, meaning that the URL doesn't specify a host name. The CodeQL query does not recognise this as a sanitiser.
In general, I think the following is a reasonable sanitiser:
untrusted=untrusted.replace("\\", "/")
ifurlparse(untrusted).netloc=='':
# fine to redirect, `untrusted` is a relative path, not a URL
(Note that the bit about replacing backslashes with slashes is important since urlparse doesn't treat backslashes the way many browses do.)
Code samples or links to source code
For example, the following snippet is flagged, though I think it is safe:
The main shortcoming at the moment is that it doesn't track whether backslashes have been eliminated, so as it stands the query on that branch would let insufficient sanitisation slip through, which is perhaps not what we want.
Description of the false positive
A common suggestion for checking whether a URL is safe to redirect to (found, for example, on StackOverflow) is to parse it and check that the
netlocis empty, meaning that the URL doesn't specify a host name. The CodeQL query does not recognise this as a sanitiser.In general, I think the following is a reasonable sanitiser:
(Note that the bit about replacing backslashes with slashes is important since
urlparsedoesn't treat backslashes the way many browses do.)Code samples or links to source code
For example, the following snippet is flagged, though I think it is safe:
The text was updated successfully, but these errors were encountered: