Join the #BuildWithBuildAgent Challenge! Get recognized, earn exclusive swag, and inspire the ServiceNow Community with what you can build using Build Agent.  Join the Challenge.

open Redirect Vulnerability issue in UI page from UI action Functionality

saitejaSnow
Tera Contributor

‎04-09-2024 02:03 AM

Hello people,

I have an UI action button for updating records in related list and also i am using the same button for table list level for this UI action i am using Ui page. My code functionality is working fine but i am getting error in some code scanning as stated as open redirect issue with highlighting the response.sendRedirect(reqURL):

my processing script code in UI page for redirect:

var reqURL = gs.getSession().getUrlOnStack();
response.sendRedirect(reqURL); 

 

the suggestions from the scanner:


var url = this.request.getParameter("url");
if (!GlideSecurityUtils.isURLWhiteListedStrict(url))
url = GlideSecurityUtils.enforceRelativeURL(url);

if (!JSUtil.nil(url))
return url;
else
return gs.getSession().getStack().pop(); 

 

How can i use above in processing to pass scaning .

thank you

 

0 Helpfuls
  • 445 Views
0 REPLIES 0