XSS, encoding a return url

Here is the vulnerable code

  <?php header("Location: ".$_POST['target']); ?>

What is the appropriate way to make sure nasty things that come in to target are cleaned?

Answers


First up, this is a vulnerability

OWASP categorizes it as "Unvalidated Redirects and Forwards". See OWASP's guide for more information.

A few interesting attacks are possible. See this thread on sla.ckers.org for ideas on how this can be abused.

How do you protect yourself?

  • Verify the scheme of the URL. You usually only want to support http and https. Abort the request for any other scheme.
  • Parse the URL, and extract the domain. Only allow redirects to known list of domains. For other domains, abort the request.

That's about it.


Need Your Help

Ajax submitted form takes long time to process

ajax performance forms

I am wondering where this comes from : I have a 2 field form for a site that I am building and for some reason, the post request takes up to 13 seconds to complete, according to firebug... The script

export dataset to excel in c#

c# excel automation

I m having function which export data of dataset to an excel sheet.

About UNIX Resources Network

Original, collect and organize Developers related documents, information and materials, contains jQuery, Html, CSS, MySQL, .NET, ASP.NET, SQL, objective-c, iPhone, Ruby on Rails, C, SQL Server, Ruby, Arrays, Regex, ASP.NET MVC, WPF, XML, Ajax, DataBase, and so on.