From 03a8c3bbd98c8917892247aea1d848332757206e Mon Sep 17 00:00:00 2001
From: Varun Sharma <varunsh@stepsecurity.io>
Date: Tue, 9 May 2023 23:13:30 -0700
Subject: [PATCH] Create open-redirect.js

---
 open-redirect.js | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
 create mode 100644 open-redirect.js

diff --git a/open-redirect.js b/open-redirect.js
new file mode 100644
index 0000000..27f66f2
--- /dev/null
+++ b/open-redirect.js
@@ -0,0 +1,18 @@
+var app = angular.module('MyApp', []);
+app.controller('myCtrl', function($scope, $sce) {
+    $scope.userInput = 'foo';
+
+    $scope.sayHello = function() {
+     // ruleid:detect-angular-open-redirect
+     $window.location.href = input + '/app/logout';
+     input = $scope.input;
+     // ruleid:detect-angular-open-redirect
+     $window.location.href = input + '/app/logout';
+
+     //Data is not coming from user input
+     $location.location.location = test
+     // ok:detect-angular-open-redirect
+     $window.location.href = "//untatintedredirect"
+   };
+
+});