I have developed a Rails app and now I'm trying to improve its security. It has some Ajax in it, and as I don't have much experience with jQuery: on one of the Ajax requests I have to redirect the user via JavaScript. Is that good practice? I would like to know whether the implementation below is safe, and what risk my app could be exposed to:

success: function(callback) {
  // `event` is not a parameter of this callback; it has to be captured from the
  // enclosing click handler (e.g. `var event = e;`), otherwise this silently
  // relies on the non-standard global `window.event`.
  if (callback.status === true) {
    if (event.target.id === 'radar_occurrences') {
      window.location.href = '/radar/all';
    } else {
      window.location.href = '/radar/list';
    }
  } else {
    $("body").before("<p class='error'>Failure message.</p>");
    flashError();
  }
}

Thanks!

hugalves
  • "safe" from what perspective? http://stackoverflow.com/a/506004/251311 – zerkms Mar 27 '14 at 20:36
  • no less safe than allowing them to retain their navigation bar in their browser. – Brad Christie Mar 27 '14 at 20:36
  • zerkms, I would like to know if `window.location.href` could be dangerous for the app. I usually redirect the user using `redirect_to`, a Rails function. But in this case, I have to redirect with JavaScript. I just don't know if this could expose a security issue, for example, or if you recommend any other way to do it. – hugalves Mar 27 '14 at 20:43
  • @hugalves: your question looks like: Is this code insecure: `var a = 1;`? You aren't accepting any user input. Everything in your code is hardcoded. How is it supposed to be vulnerable to anything if you don't have ways to influence on it? – zerkms Mar 27 '14 at 20:58
  • @zerkms, as I said, I don't have experience with app security. So, I thought that this could be unsafe. Good to know that it isn't. – hugalves Mar 27 '14 at 21:02

1 Answer

A common security issue with redirects is "open redirects", where basically an attacker can take advantage of a flaw in your page to get a user redirected to some other site of his/her choice. In your specific case it seems that you don't use any user-supplied parameter to define the target URL of the redirect, so you should be safe from this attack.

Frank
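As an added illustration of the open redirect the answer describes (this is example code, not the questioner's app or the answerer's code), the snippet below shows the vulnerable pattern next to a hardened one. It assumes a hypothetical `?next=` query parameter chooses the post-request destination, and that the only legitimate destinations are the two paths from the question; the origin `https://app.invalid/` is a placeholder used only to resolve relative URLs.

```javascript
// Added example, not from the original page. Demonstrates how a redirect
// becomes "open" when a user-controlled value picks the destination, and how
// an allow-list of same-origin paths closes it.

// VULNERABLE: whatever the attacker placed in ?next= becomes the destination.
//   /login?next=//evil.example/phish   -> browser leaves the site
//   /login?next=javascript:alert(1)    -> script URL assigned to location
function vulnerableRedirectTarget(search) {
  const params = new URLSearchParams(search);
  return params.get('next') || '/radar/list';
}

// Hypothetical allow-list: the only destinations the app ever redirects to.
const ALLOWED_TARGETS = new Set(['/radar/all', '/radar/list']);
const DEFAULT_TARGET = '/radar/list';
// Placeholder origin (assumption) used to resolve the untrusted value.
const APP_ORIGIN = 'https://app.invalid/';

// HARDENED: the parameter is treated as an untrusted key into the allow-list,
// never copied into window.location as-is.
function safeRedirectTarget(search, allowed = ALLOWED_TARGETS, fallback = DEFAULT_TARGET) {
  const params = new URLSearchParams(search);
  const next = params.get('next');
  if (next === null || next === '') return fallback;

  // Resolving against the app origin normalises the value. Anything with its
  // own scheme ('javascript:', 'https://...') or a protocol-relative host
  // ('//evil.example', '\\evil.example') resolves to a different origin.
  let resolved;
  try {
    resolved = new URL(next, APP_ORIGIN);
  } catch (e) {
    return fallback; // unparseable input: fail closed
  }
  if (resolved.origin !== new URL(APP_ORIGIN).origin) return fallback;

  // Compare the normalised path ('/radar/list/../all' becomes '/radar/all'),
  // so dot-segments cannot smuggle a path past the allow-list.
  if (!allowed.has(resolved.pathname)) return fallback;
  return resolved.pathname;
}

// In the browser the hardened version would be used as:
//   window.location.href = safeRedirectTarget(window.location.search);
module.exports = { vulnerableRedirectTarget, safeRedirectTarget };
```

The check compares the resolved origin rather than string-prefixing on `/`, because a leading `//` or `\\` is still a "relative" URL to the browser but names another host. The question's own code is the degenerate case of this pattern: the element id selects between two hard-coded paths, which is exactly an allow-list, so nothing user-controlled reaches `window.location.href`.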