بنقرة واحدة
sc-open-redirect
Open redirect detection — unvalidated redirect URLs, protocol-relative bypasses, and URI scheme abuse
التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.
القائمة
Open redirect detection — unvalidated redirect URLs, protocol-relative bypasses, and URI scheme abuse
التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.
استنادا إلى تصنيف SOC المهني
Comprehensive AI-powered security scanning suite with 48 skills covering OWASP Top 10, 7 language-specific deep scanners (Go, TypeScript, Python, PHP, Rust, Java, C#), supply chain analysis, infrastructure-as-code scanning, and 3000+ checklist items. Use when you need to run a security audit, find vulnerabilities, scan a PR for security issues, or perform a penetration test on a codebase.
C#/.NET-specific security deep scan
Go-specific security deep scan
Java/Kotlin-specific security deep scan
PHP-specific security deep scan
Python-specific security deep scan
| name | sc-open-redirect |
| description | Open redirect detection — unvalidated redirect URLs, protocol-relative bypasses, and URI scheme abuse |
| license | MIT |
| metadata | {"author":"ersinkoc","category":"security","version":"1.0.0"} |
Detects open redirect vulnerabilities where user-controlled input determines the destination of HTTP redirects, enabling phishing attacks, OAuth token theft, and SSRF chaining. Covers URL parameter redirects, protocol-relative URL bypasses, backslash tricks, and JavaScript/data URI schemes.
Called by sc-orchestrator during Phase 2 when redirect functionality is detected.
"redirect(", "res.redirect(", "response.sendRedirect(",
"http.Redirect(", "redirect_to(", "RedirectToAction(",
"Location:", "window.location", "document.location",
"return_url", "redirect_url", "next=", "callback=", "url=", "goto="
// VULNERABLE: Unvalidated redirect
app.get('/redirect', (req, res) => {
res.redirect(req.query.url); // url=https://evil.com
});
// SAFE: Allowlist validation
const ALLOWED_HOSTS = ['example.com', 'app.example.com'];
app.get('/redirect', (req, res) => {
const url = new URL(req.query.url, 'https://example.com');
if (!ALLOWED_HOSTS.includes(url.hostname)) {
return res.status(400).send('Invalid redirect');
}
res.redirect(url.toString());
});
//evil.com\/evil.com or \evil.com%2f%2fevil.comdata:text/html,<script>...javascript:alert(1)@ in URL: https://example.com@evil.com/dashboard or ./profile cannot redirect to external domains