[
https://issues.apache.org/jira/browse/AIRFLOW-4186?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16804785#comment-16804785
]
Ash Berlin-Taylor commented on AIRFLOW-4186:
--------------------------------------------
I belive this will be fixed by
[https://github.com/apache/airflow/commit/c0f6cd1231df4d68bd0d6012791446ffb58e8d85]
(which is included in Airflow 1.10.3b1)
> [security] ui - Application is vulnerable to redirection attacks
> ----------------------------------------------------------------
>
> Key: AIRFLOW-4186
> URL: https://issues.apache.org/jira/browse/AIRFLOW-4186
> Project: Apache Airflow
> Issue Type: Bug
> Components: security, ui
> Reporter: t oo
> Priority: Major
>
> |Issue Details|
> |The Web server uses user-controlled input data to construct a redirection
> URL when the "X-Forwarded-Host" header is added to a request. This header is
> not added by default by the application, but causes a redirect to be
> performed when provided by a user.|
> | | | | | |
> |The application's "X-Forwarded-Host" header is included with the site
> google.com, causing the application to respond with a 302 redirect to that
> location.|
> |The application successfully redirects to the specified website.|
> |Business Impact/Attack Scenario| | | |
> |An attacker who is able to intercept and modify client HTTP requests before
> reaching the application server could redirect the clients to a malicious
> host.|
> |Recommendation| | | | |
> |Use the server’s name as the redirection destination where possible, or
> validate header values against a known whitelist.|
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
