# Inspects one tracked result and reports an open-redirect warning when a
# +redirect_to+ call appears to carry user input and none of the exemption
# predicates match.
#
# result - Hash whose :call entry is the call node to examine.
#
# Returns nil when the result is skipped; otherwise whatever +warn+ returns.
def process_result result
  return unless original? result

  call = result[:call]
  target = call.method
  opt = call.first_arg

  # Only redirect_to calls are in scope for this check.
  return unless target == :redirect_to

  # Exemptions are evaluated in a fixed order and stop at the first match.
  # NOTE(review): these helpers are defined outside this block; judging by
  # their names they recognise redirect forms that cannot be steered to
  # another host - confirm against their definitions.
  return if only_path?(call)
  return if explicit_host?(opt)
  return if slice_call?(opt)
  return if safe_permit?(opt)

  # Nothing to report unless user input was found in the call.
  res = include_user_input?(call)
  return unless res

  # Input matched as :immediate is reported with high confidence; every
  # other match type is reported as weak.
  confidence = res.type == :immediate ? :high : :weak

  warn result: result,
       warning_type: "Redirect",
       warning_code: :open_redirect,
       message: "Possible unprotected redirect",
       code: call,
       user_input: res,
       confidence: confidence
end