generic.nginx.security.insecure-redirect.insecure-redirect

Community Favorite

semgrep

Author

49,043

Download Count*

License

Detected an insecure redirect in this nginx configuration. If no scheme is specified, nginx will forward the request with the incoming scheme. This could result in unencrypted communications. To fix this, include the 'https' scheme.

Run Locally

Run in CI

Semgrep CI docs

Defintion

Edit Rule View Source

Open in Playground

rules:
  - id: insecure-redirect
    patterns:
      - pattern-either:
          - pattern: rewrite ... redirect
          - pattern: rewrite ... permanent
      - pattern-not-inside: rewrite ... https ... $host ... redirect
      - pattern-not-inside: rewrite ... https ... $host ... permanent
      - pattern-not-regex: (?i)https:\/\/
    paths:
      include:
        - "*.conf"
        - "*.vhost"
        - sites-available/*
        - sites-enabled/*
    message: Detected an insecure redirect in this nginx configuration. If no scheme
      is specified, nginx will forward the request with the incoming scheme.
      This could result in unencrypted communications. To fix this, include the
      'https' scheme.
    languages:
      - generic
    severity: WARNING
    metadata:
      cwe:
        - "CWE-319: Cleartext Transmission of Sensitive Information"
      category: security
      technology:
        - nginx
      confidence: LOW
      owasp:
        - A03:2017 - Sensitive Data Exposure
        - A02:2021 - Cryptographic Failures
      references:
        - https://owasp.org/Top10/A02_2021-Cryptographic_Failures
      subcategory:
        - audit
      likelihood: LOW
      impact: LOW
      license: Commons Clause License Condition v1.0[LGPL-2.1-only]
      vulnerability_class:
        - Mishandled Sensitive Information

Short Link: https://sg.run/8y14