
web-safe-redirect Edge Function — Web Search


Validate that a redirect URL is safe against open redirect attacks by checking its protocol and domain against an allowlist.

navin @navin verified
Updated Mar 12, 2026

The web-safe-redirect edge function validates that a redirect URL is safe against open redirect attacks by checking its protocol and domain against an allowlist. Deployed on Cloudflare Workers — zero cold starts, globally distributed. Mount it via your Aerostack workspace to call it from any AI agent.

terminal — aerostack cli
$ npx aerostack add navin/web-safe-redirect

Use with AI Assistants

MCP

Connect Claude, Cursor, or any MCP-compatible client — then call this function by slug

① Add MCP Server

Add this once — access all Aerostack functions from your AI tool.

claude_desktop_config.json
{
  "mcpServers": {
    "aerostack": {
      "url": "https://mcp.aerostack.dev",
      "type": "http"
    }
  }
}

② Call this function

Ask your AI to use the call_function tool with this slug:

call_function
call_function({
  slug: "web-safe-redirect",
  args: {
    "url": "example_url",
    "options": null
  }
})

web-safe-redirect — Validate redirect URLs against open redirect attacks

Protect your application from open redirect vulnerabilities by validating user-supplied redirect URLs against an explicit domain allowlist and protocol rules.


API

POST /api/web-safe-redirect

Request body

| Field | Type | Required | Default | Description |
|---|---|---|---|---|
| url | string | Yes | | Redirect URL to validate |
| options.allowedDomains | string[] | No | [] | Allowed external domains (subdomains matched) |
| options.allowRelative | boolean | No | true | Allow relative paths starting with / |
| options.allowedProtocols | string[] | No | ['http','https'] | Allowed URL protocols |

Success response (200)

{
  "success": true,
  "data": {
    "safe": true,
    "url": "/dashboard",
    "isRelative": true
  }
}

Error responses

| Code | HTTP | When |
|---|---|---|
| INVALID_INPUT | 400 | Missing url field |
| INTERNAL_ERROR | 500 | Unexpected error |

Usage

Direct import
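import { webSafeRedirect } from '@aerostack/functions/web-safe-redirect';

// Body of a request handler: `req` is the incoming request and
// `req.query` holds its parsed query string.
const returnUrl = req.query.redirect as string;
const result = webSafeRedirect({
  url: returnUrl,
  options: { allowedDomains: ['myapp.com'], allowRelative: true },
});

// Response.redirect() needs an absolute URL on Workers, and a validated
// result.url may be a relative path such as /dashboard, so resolve both
// targets against the request URL.
if (result.safe && result.url) {
  return Response.redirect(new URL(result.url, req.url).toString());
} else {
  return Response.redirect(new URL('/home', req.url).toString()); // fallback
}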

Use Cases

  • Validating ?redirect= or ?return_to= query parameters after authentication
  • Ensuring OAuth callback URLs point to trusted domains
  • Blocking javascript: and data: URLs injected via user input
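
The checks this page describes (protocol allowlist, domain allowlist with subdomain matching, optional relative paths) can be sketched as follows. This is an added example, not the source of web-safe-redirect: `checkRedirect`, its types, and the handling of `//`, `/\` and control characters are assumptions about what a validator of this kind should cover.

```typescript
// Added example, not the web-safe-redirect source. checkRedirect and its types are
// hypothetical names; option names and defaults follow the request-body table above.
interface RedirectOptions {
  allowedDomains?: string[];
  allowRelative?: boolean;
  allowedProtocols?: string[];
}
interface RedirectCheck { safe: boolean; url: string | null; isRelative: boolean }

const UNSAFE: RedirectCheck = { safe: false, url: null, isRelative: false };

function checkRedirect(input: string, options: RedirectOptions = {}): RedirectCheck {
  const allowedDomains = (options.allowedDomains ?? []).map((d) => d.toLowerCase());
  const allowRelative = options.allowRelative ?? true;
  const allowedProtocols = options.allowedProtocols ?? ['http', 'https'];

  // Browsers strip tabs and newlines before parsing, so "/<TAB>/host" becomes "//host".
  // Reject whitespace and control characters instead of trying to normalise them.
  if (/[\u0000-\u0020\u007f]/.test(input)) return UNSAFE;

  if (input.startsWith('/')) {
    // "//host" and "/\host" leave the current origin even though they start with "/".
    if (!allowRelative || /^\/[\/\\]/.test(input)) return UNSAFE;
    return { safe: true, url: input, isRelative: true };
  }

  let parsed: URL;
  try {
    parsed = new URL(input); // no base URL: anything that is not absolute throws
  } catch {
    return UNSAFE;
  }

  // "https:" -> "https"; javascript: and data: fail here under the default protocols.
  if (!allowedProtocols.includes(parsed.protocol.slice(0, -1))) return UNSAFE;

  // Judge the parsed hostname, so userinfo tricks such as
  // "https://myapp.com@other.example/" are evaluated as other.example.
  const host = parsed.hostname.toLowerCase();
  // Subdomains match only on a dot boundary: "notmyapp.com" is not under "myapp.com".
  const allowed = allowedDomains.some((d) => host === d || host.endsWith('.' + d));
  return allowed ? { safe: true, url: parsed.href, isRelative: false } : UNSAFE;
}

// Constructed sample inputs (not from the page) and the verdict for each.
const samples = ['/dashboard', '//other.example/x', 'https://app.myapp.com/a', 'javascript:alert(1)'];
const verdicts = samples.map((u) => checkRedirect(u, { allowedDomains: ['myapp.com'] }).safe);
```

The page does not document how the deployed function treats protocol-relative or backslash-prefixed paths, so inputs like these are worth adding to your own tests before relying on any validator.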

Metadata

Version 1.0.0
License MIT
Language typescript
Provider aerostack

Tags

web


Frequently asked questions

What does the web-safe-redirect function do?

web-safe-redirect is a serverless edge function for web-search automation written in aerostack. Deploy it to Cloudflare Workers via your Aerostack workspace.

How do I deploy the web-safe-redirect function?

Install the Aerostack CLI and run:

```bash
aerostack deploy function @navin/web-safe-redirect
```

It will be live on Cloudflare Workers in seconds.

What runtime does web-safe-redirect use?

web-safe-redirect runs on aerostack on the Cloudflare Workers edge runtime — zero cold starts, globally distributed.

Can I customise the web-safe-redirect function?

Yes. Fork the function from your Aerostack dashboard, modify the source, and redeploy. All changes are version-controlled.