Bearer / bearer-rules

Rules for Bearer SAST
https://docs.bearer.com/reference/rules/

Improve ruby_rails_open_redirect accuracy #179

Open gotbadger opened 1 year ago

gotbadger commented 1 year ago

Description & Reproduction

Rails 7 now has open redirect protection, meaning that the redirect path is evaluated at runtime and external URLs are blocked:

https://api.rubyonrails.org/classes/ActionController/Redirecting.html#method-i-redirect_to-label-Open+Redirect+protection

As such, we should only flag open redirects that have allow_other_host: true enabled. However, we should consider whether this is appropriate, since some folks may not be on Rails 6 or below.

Expected Behavior

redirect_to request.referer, allow_other_host: true

Raises a finding

Actual Behavior

redirect_to request.referer

Raises a finding
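The scanner below is an added example and is not Bearer's rule engine or the ruby_rails_open_redirect rule itself. It uses Ruby's bundled Ripper parser to implement the check proposed above: a redirect_to whose target comes from params or request is reported on Rails 7+ only when the call passes allow_other_host: true (or a value that is not a literal, which cannot be proven safe), and on Rails 6 and earlier unconditionally. The module and method names, the rails7_protection flag, the two taint sources and the sample controller are all assumptions made for this example.

```ruby
require 'ripper'

# Added example, not Bearer's rule engine: a small Ripper-based scanner that
# implements the behaviour proposed in this issue. A `redirect_to` with a
# user-controlled target is reported on Rails 7+ only when the call opts out
# of the built-in protection via `allow_other_host: true`; with
# rails7_protection: false (Rails 6 and earlier) every such call is reported.
# Module/method names, the flag and the taint sources are assumptions.
module OpenRedirectScan
  # Identifiers treated as request-derived. This is a deliberate
  # simplification of real taint tracking (cookies, session etc. are not covered).
  TAINT_SOURCES = %w[params request].freeze

  Finding = Struct.new(:line, :snippet, :reason)

  def self.ident?(node, name)
    node.is_a?(Array) && node[0] == :@ident && node[1] == name
  end

  # Yield [ident_node, args_node] for every `redirect_to` call, with or
  # without parentheses, in source order.
  def self.each_redirect_to(node, &blk)
    return unless node.is_a?(Array)
    case node[0]
    when :command                # redirect_to foo, allow_other_host: true
      yield(node[1], node[2]) if ident?(node[1], 'redirect_to')
    when :method_add_arg         # redirect_to(foo, allow_other_host: true)
      fcall = node[1]
      if fcall.is_a?(Array) && fcall[0] == :fcall && ident?(fcall[1], 'redirect_to')
        yield(fcall[1], node[2])
      end
    end
    node.each { |child| each_redirect_to(child, &blk) }
  end

  # True if any identifier in the subtree names a taint source.
  def self.tainted?(node)
    return false unless node.is_a?(Array)
    return TAINT_SOURCES.include?(node[1]) if node[0] == :@ident
    node.any? { |child| tainted?(child) }
  end

  # :true / :false for a literal `allow_other_host:` value, :dynamic for a
  # computed one, :absent when the option is not passed at all.
  def self.allow_other_host(node)
    return :absent unless node.is_a?(Array)
    if node[0] == :assoc_new && node[1].is_a?(Array) &&
       node[1][0] == :@label && node[1][1] == 'allow_other_host:'
      value = node[2]
      if value.is_a?(Array) && value[0] == :var_ref &&
         value[1].is_a?(Array) && value[1][0] == :@kw
        return value[1][1] == 'true' ? :true : :false
      end
      return :dynamic
    end
    node.each do |child|
      found = allow_other_host(child)
      return found unless found == :absent
    end
    :absent
  end

  def self.scan(source, rails7_protection: true)
    sexp = Ripper.sexp(source)
    raise ArgumentError, 'Ruby syntax error in source' unless sexp
    lines = source.lines
    findings = []
    each_redirect_to(sexp) do |ident, args|
      next unless tainted?(args)
      option = allow_other_host(args)
      reason =
        if !rails7_protection
          'Rails 6 and earlier: redirect_to follows external URLs unconditionally'
        elsif option == :true
          'allow_other_host: true disables Rails 7 open redirect protection'
        elsif option == :dynamic
          'allow_other_host is computed at runtime; protection cannot be proven'
        end
      line = ident[2][0]
      findings << Finding.new(line, lines[line - 1].strip, reason) if reason
    end
    findings
  end
end

# Constructed sample controller for the example (not from any real application).
SAMPLE_CONTROLLER = <<~RUBY
  class SessionsController < ApplicationController
    def create
      redirect_to request.referer
    end

    def back
      redirect_to request.referer, allow_other_host: true
    end

    def home
      redirect_to root_path
    end

    def external
      redirect_to(params[:url], allow_other_host: false)
    end
  end
RUBY

if __FILE__ == $PROGRAM_NAME
  OpenRedirectScan.scan(SAMPLE_CONTROLLER).each do |f|
    puts "line #{f.line}: #{f.snippet}  -- #{f.reason}"
  end
end
```

With the default rails7_protection: true only line 7 of the sample is reported; passing rails7_protection: false reports lines 3, 7 and 15, which is the behaviour the current rule effectively has. A real rule would still need to decide how to learn the Rails version (for instance from Gemfile.lock) rather than taking it as a flag.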

cfabianski commented 1 year ago

Remember we can do this https://github.com/Bearer/bearer-rules/blob/main/rules/javascript/third_parties/dom_purify.yml#L20-L24 :)