While working on an Angular project, Snyk is flagging the use of navigateByUrl()
in one of my functions as a potential open redirect vulnerability.
Despite implementing sanitization and validation, the issue persists. Here’s the function I’m using:
```typescript
getDocs() {
  this._service.getDocs(this.docID).subscribe(res => {
    if (res) {
      // strip every non-digit character from the ID before building a route
      const sanitizedDocID = this.sanitizedDocID(this.docID);
      if (res.lstDocs.length) {
        const redirectUrl = `doc/${sanitizedDocID}`;
        if (this.isValidRedirectUrl(redirectUrl)) {
          this._router.navigateByUrl(redirectUrl);
        }
      } else if (!res.lstDocs.length && res.ListNewDocs.length) {
        const redirectUrl = `new-doc/${sanitizedDocID}`;
        if (this.isValidRedirectUrl(redirectUrl)) {
          this._router.navigateByUrl(redirectUrl);
        }
      } else {
        this._router.navigateByUrl('dashboard');
      }
    }
  });
}

// Allowlist check on the assembled URL. indexOf() compares the whole string,
// so 'doc/123' is only accepted if it exactly equals 'doc' or 'new-doc'.
isValidRedirectUrl(url: string) {
  const trustedUrls = ['doc', 'new-doc'];
  return trustedUrls.indexOf(url) > -1;
}

// Keep digits only; anything else (including an all-letter ID) collapses to ''.
sanitizedDocID(docId: string) {
  return docId.replace(/[^0-9]/g, '');
}
```
Snyk is flagging the navigateByUrl(redirectUrl) calls in this function, despite sanitizing the docID and validating the URLs using isValidRedirectUrl().
What else can be done to resolve this? Kindly assist.
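A note on why the finding survives the checks, with an added example that is not part of the question. Taint-tracking scanners such as Snyk Code follow `docID` from the service call into the template literal and on into `navigateByUrl()`; a hand-written regex strip or allowlist function is generally not on their list of recognised sanitizers, so the assembled string is still treated as attacker-influenced. Two things in the posted code also matter on their own: `sanitizedDocID()` repairs input rather than rejecting it (`"42abc"` becomes `"42"`, and `"abc"` becomes `""`, which navigates to `doc/`), and `isValidRedirectUrl()` compares the whole assembled URL against `'doc'` and `'new-doc'`, which `doc/123` never equals, so the document navigations never fire. The usual way out of both problems is to keep user input out of the route string entirely: choose the route from a fixed table of constants, validate the ID strictly and fail closed, and hand the ID to `router.navigate()` as its own command rather than interpolating it into a URL. The example below does that in plain TypeScript with a stand-in for Angular's `Router` so it runs without Angular. `DocsResponse`, `RouterLike`, `FakeRouter`, `ROUTES`, `isCanonicalDocId`, `chooseRedirect`, `redirectAfterLookup` and the 18-digit length bound are all assumptions made here, not names from the question or from Angular.

```typescript
// Added example (not code from the original post). Assumed names:
// DocsResponse, RouterLike, FakeRouter, ROUTES, isCanonicalDocId,
// chooseRedirect, redirectAfterLookup.

// Shape of the service response as used by the posted getDocs().
interface DocsResponse {
  lstDocs: unknown[];
  ListNewDocs: unknown[];
}

// Minimal stand-in for the one Angular Router method used here,
// so the example runs outside an Angular application.
interface RouterLike {
  navigate(commands: string[]): Promise<boolean>;
}

// Constructed fake router that records every navigation it receives.
class FakeRouter implements RouterLike {
  calls: string[][] = [];
  navigate(commands: string[]): Promise<boolean> {
    this.calls.push(commands);
    return Promise.resolve(true);
  }
}

// The only route strings that ever reach the router. The document ID is
// never concatenated into them; it is passed as a separate command.
const ROUTES = {
  doc: '/doc',
  newDoc: '/new-doc',
  dashboard: '/dashboard',
} as const;

// Validate, don't repair: accept a canonical decimal integer only
// (no leading zeros, no empty string). The 18-digit cap is an assumed
// bound; adjust it to the real ID scheme.
function isCanonicalDocId(id: string): boolean {
  return /^(0|[1-9][0-9]{0,17})$/.test(id);
}

// Pure decision function mirroring the branches of getDocs(): returns the
// router commands to issue, or null when nothing should happen. Having no
// router dependency makes it trivial to unit-test the redirect logic.
function chooseRedirect(res: DocsResponse | null, docID: string): string[] | null {
  if (!res) return null;
  if (res.lstDocs.length === 0 && res.ListNewDocs.length === 0) {
    return [ROUTES.dashboard];
  }
  // Reject anything that is not a plain numeric ID instead of rewriting it,
  // so "42/../admin" or "abc" never turns into a different document's route.
  if (!isCanonicalDocId(docID)) return null;
  return [res.lstDocs.length ? ROUTES.doc : ROUTES.newDoc, docID];
}

// Wiring that replaces the body of the subscribe callback. The router only
// ever sees a constant route plus a validated segment; no URL string is built
// from input, which is the pattern an open-redirect rule is looking for.
function redirectAfterLookup(router: RouterLike, res: DocsResponse | null, docID: string): boolean {
  const commands = chooseRedirect(res, docID);
  if (commands === null) return false;
  void router.navigate(commands); // Angular's navigate() returns a Promise; not needed here
  return true;
}

// Constructed sample inputs: one response with an existing document, once with a
// valid ID and once with an ID that tries to smuggle in extra path components.
const demoRouter = new FakeRouter();
redirectAfterLookup(demoRouter, { lstDocs: [{}], ListNewDocs: [] }, '42');          // navigates ['/doc', '42']
redirectAfterLookup(demoRouter, { lstDocs: [{}], ListNewDocs: [] }, '42/../admin'); // rejected, no navigation
console.log(demoRouter.calls);
```

In the component this becomes `redirectAfterLookup(this._router, res, this.docID)` inside the `subscribe` callback, with `this._router` typed as Angular's `Router`. Whether a particular scanner stops reporting the call depends on which sinks and sanitizers it models, but the change stands on its own: a malformed ID now fails closed rather than being rewritten, and the route strings are compile-time constants that no input can alter.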