Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Set up open redirect fuzzing #901

Merged
merged 12 commits into from
Oct 9, 2024
Merged

Conversation

nas-tabchiche
Copy link
Contributor

No description provided.

- Set expect timeout to 1 second
- Display progress at each individual step
- Add test.slow() annotation
This commit ditches ragec-based validation in favor of building an allow list
based on URLModel prefixed routes.
This is only a proof of concept, as routes do not necesarily start with a
URLModel (e.g. /analytics)
@nas-tabchiche nas-tabchiche marked this pull request as ready for review October 8, 2024 11:41
Copy link
Collaborator

@Mohamed-Hacene Mohamed-Hacene left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

0k

@Mohamed-Hacene Mohamed-Hacene merged commit ae64fd2 into main Oct 9, 2024
15 checks passed
@Mohamed-Hacene Mohamed-Hacene deleted the sec/open-redirect-fuzzing branch October 9, 2024 14:32
@github-actions github-actions bot locked and limited conversation to collaborators Oct 9, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants