Configuration: Request URL Override¶

Identifier: request_url_override

Scanner(s) Support¶

GraphQL Scanner	REST Scanner	WebApp Scanner

Description¶

This vulnerability happens when an application wrongly trusts certain headers from a client to determine which URL to use, letting attackers change that URL to access stuff they're not supposed to or steer users to unsafe websites. The danger is that security controls built around correct URL handling can be bypassed, which might allow unauthorized data access or even let attackers trick users into visiting malicious sites. Developers often fall into the trap of believing data from client headers without proper checks, so it's important to validate or ignore these headers entirely when they control important decisions.

References:

https://symfony.com/blog/cve-2018-14773-remove-support-for-legacy-and-risky-http-headers

Configuration¶

Example¶

Example configuration:

---
security_tests:
  request_url_override:
    assets_allowed:
    - REST
    - GRAPHQL
    - WEBAPP
    skip: false

Reference¶

`assets_allowed`¶

Type : List[AssetType]*

List of assets that this check will cover.

`skip`¶

Type : boolean

Skip the test if true.