Does anyone know if it is ok to proceed to my bank website even if every time I type the website in it opens pages with an .rf extension? What is that extension about? The bank is Regions dot com.
Asked
Active
Viewed 406 times
-3
Mike Ounsworth
- 57,707
- 21
- 150
- 207
Alain
- 1
- 2
-
The `url-redirection` tag came out of left field... – Parthian Shot Jul 23 '15 at 23:51
1 Answers
6
It took me a while to understand what you mean by ".rf extension".
Answer is: this has nothing whatsoever to do with security. The string that is displayed by your browser is a URL; it contains the protocol to use (https://), the server name (here www.regions.com), and then the path, which is a reference to some resource within that server. The point of the path is to make sense to the server because that's what the server will use to know what your browser wants to obtain and display. Whether that name makes sense to you, as a human, or even to your browser, is irrelevant.
The server says to your browser "come back to the server www.regions.com with protocol HTTPS, and send the path /personal_banking.rf". Your browser does exactly that: it connects to www.regions.com with protocol HTTPS, and sends the request "hey, I want to see the page /personal_banking.rf". The browser has no idea what ".rf" means, but that does not matter since that string is to be interpreted by the server. And the server knows.
At best, one may guess that the developer that made the bank Web site was using FrameMaker (because that piece of software tends to name its files with the ".rf" extension), but there is no proof of that and it does not say much about security.
Tom Leek
- 168,808
- 28
- 337
- 475
-
The latter part of your question is what solved the mystery to me. Also, I had actually been fighting viral infections and malware all day by the time one of my friends asked me about the "suspicious" `.rf` format. Thanks again! – Alain Jul 22 '15 at 22:21