Will Web 3.0 Replace Web 2.0?
Become a member
Login
No unread comment.
View All Comments
No unread message.
View All Messages
No unread notification.
View All Notifications
Answers
Post
An Article
A Blog
A News
A Video
An EBook
An Interview Question
Ask Question
C# Corner Home
Technologies
Monthly Leaders
ASK A QUESTION
Forum guidelines
Raja
859
2k
316.5k
How to prevent open redirection attacks?
Feb 22 2017 7:49 AM
Observation
Un-validated Redirect: The login form is vulnerable to un-validated redirect attacks:
Affected URLs: https://example.com/login.aspx?returnURL=https://www.attacker.com
Impact
By modifying untrusted URL input to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials.
Recomendation
Whitelist the redirect URLs and prevent redirection outside parent domain.
i dont know what is the problem is that.and what they saying.
My understading
if login the application that redirect another un- validated page.
How to fix it what is the problem is that
Reply
Answers (
4
)
how can temporarily save two or more model object Json file?
how to use nhibernate in asp.net web api