Disclaimer: This platform is for educational and authorized security testing only.

Open Redirect

Identify risky redirect patterns and implement safe, allowlisted navigation.

Detection Clues

  • Parameters like returnUrl, next, continue, redirect, r
  • Unvalidated full URLs accepted
  • Relative path tricks (//host) or scheme-relative URLs

Prevention

  • Allowlist internal paths only; reject external origins
  • Normalize and compare hosts; prefer fixed destinations
  • Use relative paths or IDs; never reflect arbitrary URLs

Copy-Ready Safe Patterns

// Pattern 1: allowlist of internal paths. Only the parsed pathname is used, so the host of
// an absolute or scheme-relative ("//host") URL is discarded rather than redirected to.
const allowlist = new Set(["/dashboard", "/settings"]);
let path = "/dashboard";
try {
  path = new URL(String(req.query.next || "/dashboard"), "https://app.example.com").pathname;
} catch { /* unparsable input such as "http://" keeps the default */ }
res.redirect(allowlist.has(path) ? path : "/dashboard");

// Pattern 2: map short IDs to fixed destinations and never reflect the input itself.
// A Map (not a plain object) avoids matching inherited keys such as "constructor".
const idToPath = new Map([["home", "/dashboard"], ["acct", "/settings"]]);
const dest = idToPath.get(String(req.query.to || "home")) || "/dashboard";
res.redirect(dest);
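The allowlist pattern above, worked through as a stand-alone function that can be unit-tested against the inputs listed under Detection Clues (scheme-relative, absolute, backslash and userinfo forms). This is an added example, not code from the original page; the origin, path allowlist and handler route are assumed values.

```javascript
// Added example: resolve a user-supplied "next" value against the app's own
// origin and return an allowlisted internal path, or a fixed default.
const APP_ORIGIN = "https://app.example.com";                       // assumed
const ALLOWED_PATHS = new Set(["/dashboard", "/settings", "/settings/profile"]); // assumed
const DEFAULT_PATH = "/dashboard";

function safeRedirectTarget(raw, {
  origin = APP_ORIGIN,
  allowlist = ALLOWED_PATHS,
  fallback = DEFAULT_PATH,
} = {}) {
  // Express may hand over an array (?next=a&next=b) or undefined; accept one string only.
  if (typeof raw !== "string" || raw.length === 0) return fallback;

  let url;
  try {
    // Resolving against our origin turns "/x", "//evil.example" and
    // "https://evil.example/x" into absolute URLs we can inspect uniformly.
    url = new URL(raw, origin);
  } catch {
    return fallback; // unparsable input such as "http://"
  }

  // Anything that does not land on our own origin is rejected. This covers absolute
  // URLs, scheme-relative "//host", "/\host" (WHATWG parsing treats the backslash as
  // a slash for http(s)), "user@host" userinfo tricks, and non-http schemes such as
  // javascript: whose origin is the opaque "null".
  if (url.origin !== new URL(origin).origin) return fallback;

  // url.pathname is already normalized (".." segments collapsed), so an exact
  // allowlist match suffices; query string and fragment are intentionally dropped.
  return allowlist.has(url.pathname) ? url.pathname : fallback;
}

// Express usage (assumed route):
// app.get("/login/done", (req, res) => res.redirect(safeRedirectTarget(req.query.next)));
```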