VulnerableApp-facade icon indicating copy to clipboard operation
VulnerableApp-facade copied to clipboard

Published 20 hours ago verified publisher icon SasanLabs

Handling issues where backed returns URL links

Open preetkaran20 opened this issue 3 years ago • 1 comments

Issue: As VulnerableApp-Facade calls the underlying applications based on the criteria which is defined in nginx-conf however in case applications return a URI inside the response which might not have that criteria then the calls to those URI will break. an example is:

 location /XYZ {
    proxy_pass http://<something>:9090/PQR; 
}

Here if backend is returning any URI then that URL will be /PQR but backend should return /XYZ for facade usecase.

Solution: Not sure how can we handle such usecases. Need to think more on this.

preetkaran20 avatar May 16 '21 06:05 preetkaran20