I have 3 occurrences of "Unsafe_Use_Of_Target_blank" vulnerability from Checkmarx, in the following lines of my code (UI5 project):
window.open(new URL(sCustomUrl).origin + "/" + sParam);
window.open(sCustomUrl + this.getView().getModel().getProperty("/ID"));
window.open(this.urlToID);
How can I eliminate the issue in these lines?
CodePudding user response:
When not specifying the target (no second parameter for window.open, or it is an empty string or "_blank"), the opened window gains some access to the page that executed the window.open() method (Reverse Tabnabbing).
Setting the opener property to null, or specifically setting the target when calling window.open, fixes this vulnerability.
You can get more info about "unsafe use of target _blank" here.
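The fix described in the answer above, as an added example that is not part of the original answer: a single helper that passes the `noopener` window feature and also nulls `opener` if a handle is still returned, with the question's call sites routed through it. The helper names (`openDetached`, `openByParam`, `openById`, `makeFakeWindow`) are hypothetical, and the fake window is a constructed stand-in so the logic can be checked outside a browser.

```javascript
// Added example: hypothetical helper, not part of the UI5 API.
// `win` is injectable so the logic can be exercised without a browser.
function openDetached(sUrl, win = globalThis.window) {
  // "noopener" makes the new browsing context start with window.opener === null;
  // "noreferrer" additionally withholds the Referer header.
  const oHandle = win.open(sUrl, "_blank", "noopener,noreferrer");
  // With noopener honoured, window.open returns null. If a handle does come
  // back (feature ignored), cut the back-reference explicitly.
  if (oHandle) {
    oHandle.opener = null;
  }
  return oHandle;
}

// Call sites from the question, routed through the helper.
function openByParam(sCustomUrl, sParam, win) {
  return openDetached(new URL(sCustomUrl).origin + "/" + sParam, win);
}

function openById(sCustomUrl, sId, win) {
  return openDetached(sCustomUrl + sId, win);
}

// Constructed stand-in for `window` that records each open() call.
// honoursNoopener = true mimics a browser that applies the noopener feature.
function makeFakeWindow(honoursNoopener) {
  const fake = { calls: [], lastChild: null };
  fake.open = (url, target, features) => {
    fake.calls.push({ url, target, features });
    const child = { opener: fake };
    fake.lastChild = child;
    if (honoursNoopener) {
      child.opener = null;
      return null;
    }
    return child;
  };
  return fake;
}
```

In the controller, the second call site would pass `this.getView().getModel().getProperty("/ID")` as `sId`, and the third becomes `openDetached(this.urlToID)`.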
