From a8fe186b1ce37966ab411ddc3e10c99a4602b3c8 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]"
 <41898282+github-actions[bot]@users.noreply.github.com>
Date: Fri, 20 Sep 2024 13:58:21 +0200
Subject: [PATCH] Create rule S7085: Missing Navigation Filtering (#4305)

* Create rule S7085

* Added rule description for S7085

---------

Co-authored-by: daniel-teuchert-sonarsource <daniel-teuchert-sonarsource@users.noreply.github.com>
Co-authored-by: Daniel Teuchert <daniel.teuchert@sonarsource.com>
---
 rules/S7085/javascript/metadata.json |  23 ++++++
 rules/S7085/javascript/rule.adoc     | 115 +++++++++++++++++++++++++++
 rules/S7085/metadata.json            |   2 +
 3 files changed, 140 insertions(+)
 create mode 100644 rules/S7085/javascript/metadata.json
 create mode 100644 rules/S7085/javascript/rule.adoc
 create mode 100644 rules/S7085/metadata.json

diff --git a/rules/S7085/javascript/metadata.json b/rules/S7085/javascript/metadata.json
new file mode 100644
index 0000000000..4f2a7545b3
--- /dev/null
+++ b/rules/S7085/javascript/metadata.json
@@ -0,0 +1,23 @@
+{
+  "title": "Missing Navigation Filtering",
+  "type": "VULNERABILITY",
+  "status": "ready",
+  "remediation": {
+    "func": "Constant\/Issue",
+    "constantCost": "5min"
+  },
+  "tags": [
+  ],
+  "defaultSeverity": "Major",
+  "ruleSpecification": "RSPEC-7085",
+  "sqKey": "S7085",
+  "scope": "All",
+  "defaultQualityProfiles": ["Sonar way"],
+  "quickfix": "unknown",
+  "code": {
+    "impacts": {
+      "SECURITY": "MEDIUM"
+    },
+    "attribute": "COMPLETE"
+  }
+}
diff --git a/rules/S7085/javascript/rule.adoc b/rules/S7085/javascript/rule.adoc
new file mode 100644
index 0000000000..e3e044943c
--- /dev/null
+++ b/rules/S7085/javascript/rule.adoc
@@ -0,0 +1,115 @@
+Unrestricted navigation in Electron applications can lead to security issues.
+
+== Why is this an issue?
+
+By default, Electron allows renderers to navigate to any location. This navigation can be triggered by clicking on the link of a web content page, by dragging and dropping URLs on the application’s window, and in other ways. This might allow navigating to malicious pages and websites that might be able to take advantage of potential render privileges (IPC events, exposed API functions, etc).
+
+=== What is the potential impact?
+
+Unrestricted navigation in Electron applications poses significant security risks. Electron apps combine web technologies with native capabilities, making them powerful but also potentially vulnerable to web-based attacks. If navigation is not properly restricted, malicious actors can exploit this to navigate to untrusted or harmful web content. This can lead to a variety of security issues, including:
+
+==== Cross-Site Scripting (XSS) Attacks
+Unrestricted navigation can allow attackers to inject malicious scripts into the application, leading to data theft, session hijacking, or other malicious activities.
+
+==== Phishing Attacks
+Users can be redirected to phishing sites that mimic legitimate services, tricking them into divulging sensitive information such as login credentials or financial details.
+
+==== Remote Code Execution
+By navigating to a malicious site, an attacker might exploit vulnerabilities in the Electron app or its dependencies to execute arbitrary code on the user's machine.
+
+== How to fix it
+
+=== Code examples
+
+==== Noncompliant code example
+
+[source,javascript,diff-id=1,diff-type=noncompliant]
+----
+const { app, BrowserWindow } = require('electron/main')
+
+const createWindow = () => {
+  const win = new BrowserWindow({
+    width: 600,
+    height: 800,
+  })
+
+  win.loadUrl('https://safe.example.com')
+}
+
+app.whenReady().then(() => {
+  createWindow()
+})
+----
+
+==== Compliant solution
+
+[source,javascript,diff-id=1,diff-type=compliant]
+----
+const { app, BrowserWindow } = require('electron/main')
+const { URL } = require('url')
+
+const createWindow = () => {
+  const win = new BrowserWindow({
+    width: 600,
+    height: 800,
+  })
+
+  win.loadUrl('https://safe.example.com')
+}
+
+app.on('web-contents-created', (event, contents) => {
+    contents.on('will-navigate', (event, navigationUrl) => {
+        const parsedUrl = new URL(navigationUrl)
+
+        if (parsedUrl.origin !== 'https://safe.example.com') {
+        event.preventDefault()
+        }
+    })
+})
+
+app.whenReady().then(() => {
+  createWindow()
+})
+----
+
+=== How does this work?
+
+The compliant code adds an event listener that will check for every webcontent that will navigate,
+if the target URL points to a safe host.
+
+//=== Pitfalls
+
+//=== Going the extra mile
+
+
+== Resources
+=== Documentation
+
+* Electron Documentation - https://www.electronjs.org/docs/latest/tutorial/security#13-disable-or-limit-navigation[Disable or limit navigation]
+* Electron Documentation - https://www.electronjs.org/docs/latest/api/web-contents#event-will-navigate[Event: 'will-navigate']
+
+
+//=== Articles & blog posts
+//=== Conference presentations
+//=== Standards
+//=== External coding guidelines
+//=== Benchmarks
+
+ifdef::env-github,rspecator-view[]
+
+'''
+== Implementation Specification
+(visible only on this page)
+
+=== Message
+* Make sure to restrict navigation targets.
+
+=== Highlighting
+
+Highlight the first new BrowserWindow() call that is found.
+
+'''
+== Comments And Links
+(visible only on this page)
+
+endif::env-github,rspecator-view[]
\ No newline at end of file
diff --git a/rules/S7085/metadata.json b/rules/S7085/metadata.json
new file mode 100644
index 0000000000..2c63c08510
--- /dev/null
+++ b/rules/S7085/metadata.json
@@ -0,0 +1,2 @@
+{
+}