Remix Utils - v9.3.1
    Preparing search index...

    Module Server/Safe Redirect

    Note

    Install using bunx shadcn@latest add @remix-utils/safe-redirect.

    When performing a redirect, if the URL is user provided we can't trust it, if you do you're opening a vulnerability to phishing scam by allowing bad actors to redirect the user to malicious websites.

    https://remix.utills/?redirectTo=https://malicious.app

    To help you prevent this Remix Utils gives you a safeRedirect function which can be used to check if the URL is "safe".

    Note

    In this context, safe means the URL starts with / but not //, this means the URL is a pathname inside the same app and not an external link.

    import { safeRedirect } from "remix-utils/safe-redirect";

    export async function loader({ request }: Route.LoaderArgs) {
    	let { searchParams } = new URL(request.url);
    	let redirectTo = searchParams.get("redirectTo");
    	return redirect(safeRedirect(redirectTo, "/home"));
    }

    The second argumento of safeRedirect is the default redirect which by when not configured is /, this lets you tell safeRedirect where to redirect the user if the value is not safe.

    Sergio Xalambrí

    Functions

    safeRedirect

    Settings

    Member Visibility

    On This Page

    Functions