Forum Discussion

OM
Apr 26, 2024

Open Redirection Mitigation

Hello, ASM has a feature to mitigate the open redirection attacks when the redirect happens at the header level (i.e., with Location in the response). When the redirection is within the payload response...
  • Daniel_Wolf
    May 03, 2024

    Hi OM

    If this is the request: "https://website.com/redirect.jsp?url=https://google.com"
    Then url is a parameter and https://google.com is a parameter value. In ASM you can control which parameter values are allowed. Issue solved.

    Sample config:

    And the result:

     

    KR
    Daniel
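
The reply above restricts which values the `url` parameter may carry. As an added example (not ASM configuration and not from either poster), the same allowlist check expressed application-side in Python shows which value forms such a rule has to reject; the allowed hosts and function names are assumptions made for this sketch.

```python
from urllib.parse import urlsplit, parse_qs

# Assumption: hosts the application may redirect to (constructed for this example).
ALLOWED_REDIRECT_HOSTS = {"website.com", "www.website.com"}


def is_allowed_redirect(value: str) -> bool:
    """True only for a rooted same-site path or an absolute http(s) URL
    whose host is on the allowlist."""
    # Browsers treat backslashes like slashes and drop control characters,
    # so a value containing either is rejected instead of being normalised.
    if not value or value != value.strip() or "\\" in value:
        return False
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in value):
        return False
    try:
        parts = urlsplit(value)
    except ValueError:  # malformed authority, e.g. unbalanced IPv6 brackets
        return False
    if not parts.scheme and not parts.netloc:
        # Relative target: accept "/path", reject "//host" style values.
        return value.startswith("/") and not value.startswith("//")
    if parts.scheme not in ("http", "https"):
        return False
    # .hostname excludes userinfo and port, so "allowed@other-host" is
    # judged on the host the browser would actually contact.
    host = (parts.hostname or "").lower().rstrip(".")
    return host in ALLOWED_REDIRECT_HOSTS


def check_request(request_url: str, param: str = "url") -> bool:
    """Validate every occurrence of the redirect parameter in a request URL.
    A request without the parameter has nothing to check and passes."""
    query = parse_qs(urlsplit(request_url).query, keep_blank_values=True)
    return all(is_allowed_redirect(v) for v in query.get(param, []))


if __name__ == "__main__":
    # The request from the thread, then a same-site target (constructed).
    for req in ("https://website.com/redirect.jsp?url=https://google.com",
                "https://website.com/redirect.jsp?url=https://website.com/home"):
        print(check_request(req), req)
```

Every occurrence of the parameter is checked because a duplicated `url` may be read differently by the filter and by the application.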