Sign in
Sacha Faust Web Security Blog
Translate This Page
Translate this page
Powered by
Microsoft® Translator
Options
Email Blog Author
RSS for posts
Atom
RSS for comments
OK
Search
Tags
ASP.NET
Code Review
CSRF
FxCop
MVC
One-Click
Security
STS
XSS
Archive
Archives
December 2010
(1)
May 2010
(1)
April 2010
(1)
March 2010
(1)
December 2009
(1)
January 2009
(1)
September 2008
(3)
Posts
Subscribe via RSS
Sort by:
Most Recent
|
Most Views
|
Most Comments
Excerpt View
|
Full Post View
Sacha Faust Web Security Blog
Watch out for scheme relative urls
Posted
over 3 years ago
by
TheFaust
2
Comments
Doing my usual random code browsing yesterday I stumbled on a method that peaked my curiosity. The intent of the method is to only allow redirect to relative paths. If the redirect is not a relative path, it is rejected. Let’s look at the implementation...
Page 1 of 1 (1 items)