typescript.nestjs.security.audit.nestjs-open-redirect.nestjs-open-redirect
Untrusted user input in {url: ...} can result in Open Redirect vulnerability.
Definition
# Semgrep rule: reports a NestJS handler decorated with @Redirect that returns a
# non-literal {url: ...} object, i.e. a redirect target that may come from the
# request rather than from the code (CWE-601).
rules:
  - id: nestjs-open-redirect
    message: "Untrusted user input in {url: ...} can result in Open Redirect vulnerability."
    metadata:
      cwe:
        - "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')"
      category: security
      technology:
        - nestjs
      owasp:
        - A01:2021 - Broken Access Control
      references:
        - https://owasp.org/Top10/A01_2021-Broken_Access_Control
      subcategory:
        - audit
      likelihood: LOW
      impact: MEDIUM
      confidence: LOW
      license: Commons Clause License Condition v1.0[LGPL-2.1-only]
      vulnerability_class:
        - Open Redirect
    languages:
      - typescript
    severity: WARNING
    patterns:
      # Any `return {url: <expr>}` is a candidate; $URL binds the expression.
      - pattern: |
          return {url: $URL}
      # ... but only when the return sits in a method that carries the
      # @Redirect decorator; the returned object overrides the decorator's
      # default URL.
      - pattern-inside: |
          class $CN {
            @Redirect(...)
            $FN(...) {
              ...
            }
          }
      # A string-literal url cannot be influenced by the request, so it is
      # excluded. Every other expression is reported, including one the code
      # has already validated or allowlisted — presumably why confidence is
      # LOW; triage such findings by checking how $URL is derived.
      - pattern-not: |
          return {url: "..."}
Examples
nestjs-open-redirect.ts
import { Controller, Get, Header, Redirect, Query } from '@nestjs/common';
import { AppService } from './app.service';
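@Controller()
export class AppController {
  constructor(private readonly appService: AppService) {}

  /**
   * Positive case: the redirect target is taken straight from the `input`
   * query parameter.
   *
   * `@Redirect` supplies a default URL, but a returned `{ url }` object
   * overrides it, so the request decides where the client is sent (CWE-601).
   * The `ruleid` marker tells Semgrep's test harness to expect a finding on
   * the line that follows it.
   *
   * @param userInput - raw query value; nothing here validates it against an
   *   allowlist of permitted destinations
   * @returns the override object when input is present, otherwise `undefined`
   *   (presumably NestJS then falls back to the decorator's default URL —
   *   confirm against the framework version in use)
   */
  @Get('test')
  @Redirect('https://docs.nestjs.com', 302)
  getDocs1(@Query('input') userInput?: string) {
    if (userInput) {
      // ruleid:nestjs-open-redirect
      return { url: userInput };
    }
    // Explicit so the handler compiles under noImplicitReturns; the fall-off
    // path of the original returned undefined implicitly.
    return undefined;
  }

  /**
   * Negative case: the override URL is a string literal, which the rule's
   * `pattern-not` excludes, so no finding is expected here.
   *
   * @param userInput - accepted but unused; the destination is fixed
   * @returns a constant redirect target
   */
  @Get('test-ok')
  @Redirect('https://docs.nestjs.com', 302)
  getDocs2(@Query('input') userInput?: string) {
    return { url: 'https://docs.nestjs.com/v5/' };
  }
}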