Skip to content

fix: prevent open redirect via redirect/errorRedirect in OAuth connect flow#12403

Open
l3tchupkt wants to merge 1 commit intogoogle:developfrom
l3tchupkt:fix-open-redirect
Open

fix: prevent open redirect via redirect/errorRedirect in OAuth connect flow#12403
l3tchupkt wants to merge 1 commit intogoogle:developfrom
l3tchupkt:fix-open-redirect

Conversation

@l3tchupkt
Copy link
Copy Markdown

@l3tchupkt l3tchupkt commented Mar 30, 2026

Properly validate redirect host against site host.

Reported-by: LAKSHMIKANTHAN K (letchupkt)

Summary

Addresses issue:

  • Fixes open redirect vulnerability in OAuth connect flow via errorRedirect and redirect parameters

This PR resolves an open redirect issue where user-controlled redirect parameters were accepted without enforcing same-origin validation. This could allow redirection to external domains (e.g., accounts.google.com) after OAuth error handling.

Relevant technical choices

  • Implemented strict host validation for both redirect and errorRedirect parameters in handle_connect()
  • Used wp_parse_url() to extract and compare redirect host against the site host (home_url())
  • Rejected external redirect values by clearing them when the host does not match
  • Ensured backward compatibility and no disruption to the existing OAuth authentication flow
  • Applied validation before passing values into OAuth client logic

PR Author Checklist

  • My code is tested and passes existing unit tests.
  • My code has an appropriate set of unit tests which all pass.
  • My code is backward-compatible with WordPress 5.2 and PHP 7.4.
  • My code follows the WordPress coding standards.
  • My code has proper inline documentation.
  • I have added a QA Brief on the issue linked above.
  • I have signed the Contributor License Agreement (see https://cla.developers.google.com/).

Do not alter or remove anything below. The following sections will be managed by moderators only.

Code Reviewer Checklist

  • Run the code.
  • Ensure the acceptance criteria are satisfied.
  • Reassess the implementation with the IB.
  • Ensure no unrelated changes are included.
  • Ensure CI checks pass.
  • Check Storybook where applicable.
  • Ensure there is a QA Brief.
  • Ensure there are no unexpected significant changes to file sizes.

Merge Reviewer Checklist

  • Ensure the PR has the correct target branch.
  • Double-check that the PR is okay to be merged.
  • Ensure the corresponding issue has a ZenHub release assigned.
  • Add a changelog message to the issue.

@l3tchupkt
Fix Open Redirect vulnerability in OAuth connect handler
bcd755c 
Properly validate redirect host against site host.

Reported-by: LAKSHMIKANTHAN K (letchupkt)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@l3tchupkt