Redirection to external URL
I had a Python application which was redirecting users to other external websites once the authentication was completed. Even after having many checks for the URL, it was unable to stop the redirection, so I had to switch to a new library named "Oauth".
So, for example, I was getting a redirection when I had this URL: https://localhost:8000/login?next=https%3A%2F%2Fgoogle.com%2F
Google.com was added manually in the URL and it was redirecting to google.com (phishing attack).
Below is the code with which I tried to fix the redirection:
```python
from urllib.parse import urlparse

from flask import abort, request

# `app`, `oidc` (flask_oidc.OpenIDConnect), `logger` and `url_is_safe` are
# defined elsewhere in the application and were not part of the posted snippet.


@app.route('/oidc/callback')
def callback():
    state = request.args.get('state')
    base_url = request.host_url
    logger.debug(f"Callback called with state: {state}")

    # Check if state is None or empty
    if not state:
        logger.debug("State is None or empty, redirecting to root URL")
        return oidc.redirect_to_auth_server('/')

    # Check if state is a relative URL
    parsed_url = urlparse(state)
    if parsed_url.netloc == '' and state.startswith('/'):
        # Ensure the state is safe to redirect to
        if url_is_safe(state, base_url):
            logger.debug(f"State is a safe relative URL: {state}, redirecting to it")
            return oidc.redirect_to_auth_server(state)
        else:
            logger.debug(f"State is not a safe relative URL: {state}, aborting with 400")
            return abort(400)  # Bad request

    # If state is not a relative URL, ignore it and redirect to the root URL
    logger.debug(f"State is not a relative URL: {state}, redirecting to root URL")
    return oidc.redirect_to_auth_server('/')
```
I had to move to another library, oAuth, since it was not working with OIDC.
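An added example, not code from this issue or from flask-oidc, of the same-host check for the post-login destination, run against the `next` value from the login URL above. The names `is_safe_redirect_target`, `choose_redirect` and `destination_from_login_url` are assumed here, and `host_url` stands in for Flask's `request.host_url`.

```python
from typing import Optional
from urllib.parse import parse_qs, urljoin, urlparse


def is_safe_redirect_target(target: str, host_url: str) -> bool:
    """Return True only if `target` resolves to the same scheme and host as `host_url`.

    `host_url` is what Flask exposes as request.host_url, e.g. "https://localhost:8000/".
    """
    if not target:
        return False
    # Browsers treat a backslash like a forward slash, so a path that starts
    # with "/\" would be followed as a protocol-relative URL; reject it outright.
    if "\\" in target:
        return False
    base = urlparse(host_url)
    # Resolve relative targets against our own base, then compare scheme and host.
    # An absolute URL (including "//other-host/...") keeps its own host and fails.
    resolved = urlparse(urljoin(host_url, target))
    return resolved.scheme in ("http", "https") and resolved.netloc == base.netloc


def choose_redirect(next_param: Optional[str], host_url: str, fallback: str = "/") -> str:
    """Pick the post-login destination: the validated `next` value, else the fallback."""
    if next_param and is_safe_redirect_target(next_param, host_url):
        return next_param
    return fallback


def destination_from_login_url(login_url: str) -> str:
    """Decode the `next` query parameter of a login URL and validate it against that URL's host."""
    parsed = urlparse(login_url)
    host_url = f"{parsed.scheme}://{parsed.netloc}/"
    next_values = parse_qs(parsed.query).get("next", [])
    return choose_redirect(next_values[0] if next_values else None, host_url)


if __name__ == "__main__":
    # The URL reported in the issue: the external destination is dropped in favour of "/".
    print(destination_from_login_url("https://localhost:8000/login?next=https%3A%2F%2Fgoogle.com%2F"))
    # A same-host path is kept.
    print(destination_from_login_url("https://localhost:8000/login?next=%2Fdashboard"))
```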
I agree that the default callback handler should check that the redirected URL is either relative or on the same domain.