Open Redirect Demo

Open Redirect vulnerabilities occur when an application incorporates user-controllable data into the target of a redirection in an unsafe way, allowing attackers to redirect users to malicious websites.

How Open Redirects Work:

  1. Application accepts a user-provided URL parameter
  2. Application redirects user to that URL without validation
  3. Attacker can redirect users to malicious sites
  4. Users trust the redirect because it starts from a legitimate domain

Try These Open Redirect Payloads:

Try these URLs manually in the address bar:

# External website redirect
/OpenRedirectDemo?returnUrl=https://evil.com
/OpenRedirectDemo?returnUrl=http://malicious-site.com

# Protocol manipulation
/OpenRedirectDemo?returnUrl=javascript:alert('XSS')
/OpenRedirectDemo?returnUrl=data:text/html,<script>alert('XSS')</script>

# Double slash bypass
/OpenRedirectDemo?returnUrl=//evil.com
/OpenRedirectDemo?returnUrl=\/\/evil.com

# URL encoding bypass
/OpenRedirectDemo?returnUrl=http%3A%2F%2Fevil.com

# Subdomain confusion
/OpenRedirectDemo?returnUrl=https://legitimate-site.evil.com

Open Redirect Prevention:

  • URL Validation: Validate redirect URLs against a whitelist of permitted destinations
  • Relative URLs Only: Only allow relative URLs (a single leading "/") for redirects
  • Domain Validation: Ensure redirects stay within your domain, matching the host exactly rather than by prefix
  • Indirect References: Accept a server-side identifier that maps to a URL instead of accepting URLs directly
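The check below is an added example, not the demo's own code: it applies the prevention rules above to a returnUrl value and rejects each payload class listed on this page (external hosts, javascript:/data: schemes, protocol-relative and backslash forms, encoded schemes, look-alike subdomains). The function name and the ALLOWED_HOSTS allow-list are assumptions made for the example.

```python
from urllib.parse import urlsplit, unquote

# Constructed allow-list for the demo; real deployments list their own hosts.
ALLOWED_HOSTS = {"legitimate-site.com"}


def is_safe_redirect(return_url: str, allowed_hosts=ALLOWED_HOSTS) -> bool:
    """Return True only for a same-site relative path or an https URL whose
    host is exactly on the allow-list; everything else is rejected."""
    if not return_url:
        return False
    # Decode once so an encoded scheme (http%3A%2F%2F...) is inspected in the
    # form the browser would ultimately follow. Most frameworks already decode
    # query parameters; decoding again here is deliberate for the demo.
    url = unquote(return_url).strip()
    # Browsers treat a backslash like a forward slash in URLs, so normalise
    # "\/\/evil.com" to "//evil.com" before checking it.
    url = url.replace("\\", "/")
    # Control characters are sometimes used to hide a scheme; reject outright.
    if any(ord(c) < 0x20 for c in url):
        return False
    parts = urlsplit(url)
    if parts.scheme == "" and parts.netloc == "":
        # Relative URL: must start with exactly one "/". A leading "//" is a
        # protocol-relative URL that points at another host.
        return url.startswith("/") and not url.startswith("//")
    # Absolute URL: https only, and the host must match exactly so that
    # "legitimate-site.evil.com" is not accepted as a subdomain.
    if parts.scheme.lower() != "https":
        return False
    host = (parts.hostname or "").lower()
    return host in allowed_hosts


if __name__ == "__main__":
    # The payloads from this page, each of which should be rejected.
    for payload in [
        "https://evil.com", "http://malicious-site.com",
        "javascript:alert('XSS')", "data:text/html,<script>alert('XSS')</script>",
        "//evil.com", "\\/\\/evil.com", "http%3A%2F%2Fevil.com",
        "https://legitimate-site.evil.com", "/account/profile",
    ]:
        print(f"{payload!r:55} safe={is_safe_redirect(payload)}")
```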

Test Steps:

  1. Select a page from the dropdown below
  2. Try modifying the returnUrl parameter in the URL
  3. Observe how malicious URLs can redirect users

Page Redirect Selector

Try manually modifying the returnUrl parameter in the URL after clicking
