Flask redirection problem: If no security verification URL - Code World

Flask redirection problem: If no security verification URL

Others 2019-12-07 20:14:09 views: null

A fooo view, a barrr view. After clicking through the link in the view, do something, or return fooo barrr route.

@app.route('/fooo')
def fooo():
    return '<h1>Fooo Page</h1><a href="%s">Do somethinggg</a>' % url_for('do_somethinggg', next=request.full_path)

@app.route('/barrr')
def barrr():
    return '<h1>Barrr Page</h1><a href="%s">Do somethinggg</a>' % url_for('do_somethinggg', next=request.full_path)

@app.route('/do_somethinggg')
def do_somethinggg():
    print('------do somethinggg------')
    print(request.referrer)
    # 方法一：查询request.referrer获取重定向位置
    return redirect(request.referrer or url_for('hello'))
    # 方法二：查询参数获取重定向位置
    return redirect(request.args.get('next'))

Click URL: 127.0.0.1: Link 5000 / fooo the redirection, as follows:

relative URL link: / do_somethinggg next =% 2Ffooo% 3F?
If I type in the address bar: http: //127.0.0.1: 5000 ? / do_somethinggg next = /
will jump to the URL: http: //127.0.0.1: 5000 /
results in an open redirect vulnerability (open redirect)

Guess you like

Origin www.cnblogs.com/daemonFlY/p/12003064.html

Flask redirection problem: If no security verification URL

[Flask] Flask URL construction (url redirection)

Security Flaw URL Redirection

[Flask] Flask redirection and errors

Apache configuration URL Redirection

Pikachu-URL redirection

pikachu unsafe url redirection

requests handle redirection of url

PHP URL redirection

URL verification

URL redirection vulnerability, python creates URL redirection vulnerability detection script

[Flask] Flask problem sets

beego-vue URL redirection

web forms, and user session redirection, message Flask

Regular verification of ID and url URL

implement authentication and verification code flask

Flask implements JWS identity verification

flask-url_for

flask error of url

Flask URL building

The pit of url_for in flask

Finally solved the file redirection problem

api interface security verification

vue routing security verification

Close SpringBoot security verification

Skip security verification

php - cURL acquired from url redirection

Java obtain network redirection URL (302 redirect)

nginx url automatically adds slashes and 301 redirection

Solving nginx redirection problem (rewrite or internal redirection cycle)

Recommended

The “35-year-old curse” of Chinese coders

蘭雅 CorelDRAW 插件 2024.5.1 国际劳动节版，免费下载

Ranking

Methods and Practices of Manufacturing Data Quality Improvement

Serial port upgrade program for efficient transmission of large firmware

Use KITTI to run LIOSAM and complete the EVO evaluation

Calling methods on string literals (Java)

ActiveMQ and Spring integration (4)

You have to know the HTTPS! ! !

PAT whether Structures and Algorithms 7-4 with a binary search tree (40 rows streamlined structure)

el-upload brings request background

UVA - 1204 Fun Game-like pressure dp

2019-12-28

Daily

More

2024-05-04(18)

2024-05-03(8)

2024-05-02(0)

2024-05-01(4)

2024-04-30(36)

2024-04-29(5)

2024-04-28(12)

2024-04-27(29)

2024-04-26(22)

2024-04-25(32)