diTii.com Digital News Hub

Sign up with your email address to be the first to know about latest news and more.

I agree to have my personal information transfered to MailChimp (more information)

Jan312009

Check if your being abused of “open redirect URLs” – Google Webmaster Tips

Google Webmaster blog has published an article that will help webmaster keeping their site clean from spammers using open redirect URLs on their domain. Below are some legitimate techniques that spammers uses to redirect URLs:

  • Scripts that redirect users to a file on the server: example.com/go.php?url=
    example.com/ie/ie40/download/?
  • Internal site search result pages sometimes have automatic redirect options that could be vulnerable. Look for patterns like: example.com/search?q=user+search+keywords&url=
  • track clicks for affiliate programs, ad programs, or site statistics: example.com/coupon.jsp?code=ABCDEF&url=
    example.com/cs.html?url=
  • Proxy sitesproxy.example.com/?url=
  • login pages will redirect users back to the page they were trying to access: example.com/login?url=
  • Scripts that put up an interstitial page when users leave a site can be abused:
    example.com/redirect/
    example.com/out?
    example.com/cgi-bin/redirect.cgi?

Full Article

Share This Story, Choose Your Platform!

Do NOT follow this link or you will be banned from the site!