[{"data":1,"prerenderedAt":146},["ShallowReactive",2],{"blog-vulnerabilities/open-redirect":3},{"id":4,"title":5,"body":6,"category":126,"date":127,"dateModified":127,"description":128,"draft":129,"extension":130,"faq":131,"featured":129,"headerVariant":132,"image":131,"keywords":131,"meta":133,"navigation":134,"ogDescription":135,"ogTitle":131,"path":136,"readTime":137,"schemaOrg":138,"schemaType":139,"seo":140,"sitemap":141,"stem":142,"tags":143,"twitterCard":144,"__hash__":145},"blog/blog/vulnerabilities/open-redirect.md","Open Redirect Explained",{"type":7,"value":8,"toc":119},"minimark",[9,16,21,24,39,43,59,63,72,88,107],[10,11,12],"tldr",{},[13,14,15],"p",{},"Open redirects happen when your site redirects users based on a URL parameter without validation. Attackers create links that look like your site but redirect to malicious pages. Fix by validating redirect URLs are relative paths or belong to your allowed domains.",[17,18,20],"h2",{"id":19},"what-is-an-open-redirect","What Is an Open Redirect?",[13,22,23],{},"An open redirect vulnerability allows attackers to craft URLs on your domain that redirect users to external malicious sites. Since the link appears to be from your trusted site, users are more likely to click it.",[25,26,28],"code-block",{"label":27},"Vulnerable redirect pattern",[29,30,35],"pre",{"className":31,"code":33,"language":34},[32],"language-text","// Attacker creates this phishing link:\n// https://yoursite.com/login?redirect=https://evil.com/fake-login\n\n// Your vulnerable code:\napp.get('/login', (req, res) => {\n  // After login, redirect to the URL parameter\n  const redirectUrl = req.query.redirect;\n  res.redirect(redirectUrl);  // VULNERABLE!\n});\n","text",[36,37,33],"code",{"__ignoreMap":38},"",[17,40,42],{"id":41},"why-its-dangerous","Why It's Dangerous",[44,45,46,50,53,56],"ul",{},[47,48,49],"li",{},"Users trust links from your domain",[47,51,52],{},"Used in phishing to steal credentials",[47,54,55],{},"Can bypass email/URL filters",[47,57,58],{},"OAuth attacks using redirect_uri manipulation",[17,60,62],{"id":61},"how-to-fix-open-redirects","How to Fix Open Redirects",[25,64,66],{"label":65},"Safe redirect handling",[29,67,70],{"className":68,"code":69,"language":34},[32],"function isValidRedirect(url) {\n  // Express can parse ?redirect[]=x into an array; only a string is acceptable\n  if (typeof url !== 'string') {\n    return false;\n  }\n\n  // Allow relative paths, but reject protocol-relative URLs (//host)\n  // and the backslash form (/\\host), which browsers resolve as //host\n  if (url.startsWith('/') && !url.startsWith('//') && !url.startsWith('/\\\\')) {\n    return true;\n  }\n\n  // Allow specific domains (host includes any port, so a non-default port is rejected)\n  try {\n    const parsed = new URL(url);\n    const allowedHosts = ['yoursite.com', 'app.yoursite.com'];\n    return allowedHosts.includes(parsed.host);\n  } catch {\n    return false;\n  }\n}\n\napp.get('/login', (req, res) => {\n  const redirectUrl = req.query.redirect || '/dashboard';\n\n  if (!isValidRedirect(redirectUrl)) {\n    return res.redirect('/dashboard');  // Safe default\n  }\n\n  res.redirect(redirectUrl);\n});\n",[36,71,69],{"__ignoreMap":38},[73,74,75,82],"faq-section",{},[76,77,79],"faq-item",{"question":78},"Is open redirect a serious vulnerability?",[13,80,81],{},"It's medium severity on its own, but it enables more serious attacks like phishing and OAuth token theft. It's often used as a stepping stone in more complex attacks.",[76,83,85],{"question":84},"How do I handle OAuth redirect_uri?",[13,86,87],{},"Validate that redirect_uri exactly matches a pre-registered callback URL. Don't allow partial matches or wildcards in production.",[89,90,91,97,102],"related-articles",{},[92,93],"related-card",{"description":94,"href":95,"title":96},"Server-side URL issues","/blog/vulnerabilities/ssrf","SSRF Explained",[92,98],{"description":99,"href":100,"title":101},"Often chained together","/blog/vulnerabilities/xss","XSS Explained",[92,103],{"description":104,"href":105,"title":106},"General validation guide","/blog/how-to/validate-user-input","Input Validation",[108,109,112,116],"cta-box",{"href":110,"label":111},"/","Start Free Scan",[17,113,115],{"id":114},"find-open-redirects","Find Open Redirects",[13,117,118],{},"Our scanner checks for unvalidated redirect parameters.",{"title":38,"searchDepth":120,"depth":120,"links":121},2,[122,123,124,125],{"id":19,"depth":120,"text":20},{"id":41,"depth":120,"text":42},{"id":61,"depth":120,"text":62},{"id":114,"depth":120,"text":115},"vulnerabilities","2026-01-20","Open redirects let attackers use your site to redirect users to malicious pages. Learn how open redirects work and how to safely handle redirects.",false,"md",null,"red",{"noindex":134},true,"Learn how open redirect vulnerabilities work and how to prevent them.","/blog/vulnerabilities/open-redirect","5 min read","[object Object]","TechArticle",{"title":5,"description":128},{"loc":136},"blog/vulnerabilities/open-redirect",[],"summary_large_image","1EoxWx_Sn08--9NfSXq7KnSZCe9WaDvFC7bVsO25Pco",1775843926509]