Merge pull request #13289 from alexrford/rb/rack-redirect

Ruby: rack - model redirect responses
2026-04-30 11:15:13 +02:00 · 2023-06-22 13:45:02 +01:00
parent 7efbd8828b 8ef8a0d2f6
commit 24e83165ee
9 changed files with 189 additions and 47 deletions
--- a/ruby/ql/lib/change-notes/2023-06-08-rack-redirect.md
+++ b/ruby/ql/lib/change-notes/2023-06-08-rack-redirect.md
@@ -0,0 +1,4 @@
+---
+category: minorAnalysis
+---
+* HTTP redirect responses from Rack applications are now recognized as a potential sink for open redirect alerts.