CWE-183 Permissive List of Allowed Inputs
What this means
SiteShadow flagged an allowlist/validation rule that is too permissive. An allowlist is only effective if it's narrow enough to exclude dangerous values.
Why it matters
Overly broad allowlists can admit unsafe input.
- Injection bypass when the "allowed" set still contains dangerous characters/structures.
- Policy bypass when allowlists accept unexpected schemes/hosts/types (e.g., allowing file: or javascript:).
Safer examples
1) Make allowlists explicit and small
Prefer "only these values" over "anything except these values."
2) Apply context-specific allowlists
URLs: allowlist schemes/hosts. Filenames: allowlist characters and extensions. Enums: allowlist values.
3) Add tests for bypasses
Include "naughty strings" and known bypass payloads to ensure the allowlist stays strict over time.
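
The three points above in one place, as an added example that is not SiteShadow's or the original page's code: a permissive substring rule beside an explicit scheme/host allowlist for URLs, with a regression list of inputs that must stay rejected. The policy values, hostnames and function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Constructed policy for this example: one scheme, two exact hosts.
ALLOWED_SCHEMES = {"https"}
ALLOWED_HOSTS = {"example.com", "cdn.example.com"}

# Permissive rule (the CWE-183 pattern): an unanchored substring match.
PERMISSIVE = re.compile(r"example\.com")

def permissive_allows(url: str) -> bool:
    return PERMISSIVE.search(url) is not None

def strict_allows(url: str) -> bool:
    # Reject whitespace/control characters before parsing, since URL
    # parsers may strip them silently.
    if any(ch.isspace() or ord(ch) < 0x20 for ch in url):
        return False
    try:
        parts = urlsplit(url)
        port = parts.port  # raises ValueError on a malformed port
    except ValueError:
        return False
    if parts.scheme not in ALLOWED_SCHEMES:
        return False
    if parts.username is not None or parts.password is not None:
        return False  # no userinfo, so "allowed@other-host" cannot pass
    if port not in (None, 443):
        return False
    return parts.hostname in ALLOWED_HOSTS  # exact match, no wildcards

# Constructed regression inputs: every one must be rejected.
MUST_REJECT = [
    "javascript:alert(1)//example.com",
    "file:///tmp/x?ref=example.com",
    "http://example.com/",
    "https://example.com.untrusted.test/",
    "https://example.com@untrusted.test/",
    "https://untrusted.test/?next=example.com",
    " https://example.com/",
]
MUST_ALLOW = ["https://example.com/path", "https://cdn.example.com/a.js"]

def accepted(rule, urls):
    """Return the subset of urls that the given rule lets through."""
    return [u for u in urls if rule(u)]

if __name__ == "__main__":
    print("permissive accepts:", accepted(permissive_allows, MUST_REJECT))
    print("strict accepts:    ", accepted(strict_allows, MUST_REJECT))
```

Keeping MUST_REJECT in the test suite and failing the build when `accepted(strict_allows, MUST_REJECT)` is non-empty catches later edits that widen the rule.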
How SiteShadow detects it (high level)
- Detects allowlist patterns that include overly broad wildcards or dangerous values.
- Flags when allowlists are used for security decisions but do not meaningfully constrain input.
References
- CWE-183: https://cwe.mitre.org/data/definitions/183.html
---