Last post Apr 07, 2015 08:45 AM by PatriceSc
Apr 06, 2015 02:31 PM|skande|LINK
How to prevent open redirect attack in ASP.NET. I have few sources on how to prevent in MVC but are there any specific resources available for asp.net? During the input validation is it sufficient to just test the URL is local on server side ? what are the
other vulnerabilities we need to validate to prevent this attack ?
Apr 07, 2015 04:50 AM|Archer Wang|LINK
Thank you for your post. According to your requiement, I suggest that you could refer to the below article at ASP.NET. Please check the below link.
This tutorial is about how to prevent this with MVC.
Please refer to PatriceSc's suggestion.
Hope this could be helpful to you.
Apr 07, 2015 08:45 AM|PatriceSc|LINK
What you found should apply as well to all server side technologies. Redirection is not tied to MVC, not even to ASP.NET but to the HTTP protocol itself so regardless of what you are using the same protection measure you found should still apply (ie always check
that the redirection goes to your own site) ...