IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [url-redirection]

URL redirection is a technique for making web resources available under more than one URL address, or moved to a different location while maintaining compatibility with previously published URLs.

URL redirection, or URL forwarding, is a technique for making web resources available under more than one URL address, or moved to a different location while maintaining compatibility with previously published URLs.

URL redirection can be set-up on a web server handling web requests, attached to web application's response headers and handled by a user-agent, or handled through a client-side script.

222 questions
0
votes
1 answer

Avoiding redirects

I'm working on a site where users can input URLs. The URLs should point to sites where you can buy an item (for birthday/special event/...) It also sends out mails to e-mail addresses the user provides. Now, I would like to assess how unsafe this is…
MadBoomy
  • 115
  • 4
0
votes
1 answer

Blackbox URL matching mechanism bypass for an open redirect

I'm currently testing a web application, which appears to have an open redirect vulnerability, since they receive a parameter redirect_url via GET. The application redirects the user to this URL later on. However, they do some fixed URLs they accept…
SaAtomic
  • 989
  • 2
  • 15
  • 27
0
votes
2 answers

Trying to examine URL redirection in Wireshark

I clicked on a link (indistannews.com) and was redirected to a different website (sexiniowa.com). [Warning - the latter site is a pornography website]. I looked at the transaction in Wireshark to try and see how I was redirected. All I see is a…
NickJones
  • 1
  • 1
  • 2
0
votes
2 answers

Is there any way to force browse HTTP if all the traffic is redirected to HTTPS?

The webserver is configured to redirect all HTTP request traffic to HTTPS. And there seems to be different application running on 80 and 443. 443 is not vulnerable but there are lot of vulnerability exists on 80. When I am trying to browse…
LionKing
  • 11
0
votes
3 answers

Page redirecting to "malicious" content

Recently I was visiting a web site that was is hosted in China (I can tell by the IP, it's assigned to an University over there). When I accessed their page today, it loaded but after the initial content was loaded, I was redirected to a…
cyzczy
  • 1,518
  • 5
  • 21
  • 34
0
votes
0 answers

Any way to exploit a URL section echoing into another URL?

I found a possible vulnerability vector in a website with a bug bounty program, and I don't want to pass it up, but I can't figure out a way to exploit it. The possible vector is that, when you go to an unused subdomain (owned by them but now…
Jack
  • 471
  • 2
  • 6
  • 18
0
votes
4 answers

How do URL shortening services like bitly prevent ddos attacks?

i am working on a project that needs to shorten URLs to of about ~25 chars of length. I can create cryptic ids which map to full length URL and persist it in a DB. My only worry is how can i prevent someone from random generating such ids and…
bluefalcon
  • 143
  • 3
0
votes
2 answers

Google Chrome is redirecting before visiting a shopping website

I notice every few days (~5 days) that when I try to open an Amazon.in URL, before opening that URL, Chrome opens a different link which looks like an affiliate link. This link redirects to the actual URL. The link is given below. After it does so,…
Sabya
  • 101
  • 2
0
votes
1 answer

On Mozilla's Add-ons site (AMO) what is happening with external links?

On Mozilla's Add-ons site (known as AMO), all external links are directed through: https://outgoing.mozilla.org/v1/[UUID]/[destination URL] As a random example, see the link in the Description section of this…
RockPaperLz- Mask it or Casket
  • 3,114
  • 21
  • 50
0
votes
2 answers

Security concerns when using nginx as a lightweight URL shortener

I wish to use nginx as a lightweight URL shortener. To be exact, assuming my domain name is example.com, I have this most basic nginx.conf: events {} http { server { listen 80; location = /vimrc { proxy_pass…
dankilman
  • 103
  • 5
0
votes
2 answers

Malware or viruses by browser redirects?

Recently was browsing and clicked on a link to the following address: (In code blocks so you cant accidently click it) http://paycheck-calculator.org/ Clicking on this quickly loaded 2-3 different sites before I closed the tab. Looking through the…
Orbit
  • 101
  • 1
  • 1
0
votes
2 answers

Are there any consequences of clicking on a URL to a facebook.com link?

So I stupidly clicked on a suspicious link on a Facebook post today. Guest account for shame. In my defense, it was a link to facebook.com itself, but it loaded a Facebook page, then seemed to redirect. I closed my browser less than a second after.…
probablyoverthinkingthis
  • 1
-1
votes
1 answer

What are the heuristics for a malicious url?

I know that there is nothing like a safe website ,any website which is safe today could be hacked and its visitors could be served with latest malware. What I'm curious about is what checks can we do on a url to judge/guess it as malicious using a…
rebel87
  • 205
  • 4
  • 11
-1
votes
2 answers

How to conduct this MITM attack

For educational purposes, I want to conduct a demo for a Man In The Middle attack. The attack scenario is: 1) The client request aaa.com 2) The MITM changes the client request to bbb.com 3) The client get response for bbb.com Notes: 1) bbb.com is…
user9371654
  • 469
  • 1
  • 6
  • 15
-1
votes
1 answer

301 Moved Permanently on nginx server

If I request this: http://mysite.com/\/\http://evilzone.org Response: HTTP/1.1 301 Moved Permanently Location: https://mysite.com/\/\http://evilzone.org Is it a vulnerability?
user183535
  • 57
  • 3
1 2 3
14
15