Canonicalization Attack

From Guidance Share
Jump to navigationJump to search


Different forms of input that resolve to the same standard name (the canonical name), is referred to as canonicalization. Code is particularly susceptible to canonicalization issues if it makes security decisions based on the name of a resource that is passed to the program as input. Files, paths, and URLs are resource types that are vulnerable to canonicalization because in each case there are many different ways to represent the same name.


  • Unauthorized access
  • Information disclosure


  • Making security decisions based on file names and file paths supplied as input.
  • Making security decisions based on supplied URLs


  • Avoid input file names where possible and instead use absolute file paths that cannot be changed by the end user.
  • Make sure that file names are well formed (if you must accept file names as input) and validate them within the context of your application. For example, check that they are within your application's directory hierarchy.
  • Ensure that the character encoding is set correctly to limit how input can be represented.

Attack Patterns


How Tos