[issue23505] Urlparse insufficient validation leads to open redirect
Yassine ABOUKIR
report at bugs.python.org
Tue Mar 3 01:21:44 CET 2015
Yassine ABOUKIR added the comment:
When you directly type //evil.com or ////evil.com in Firefox URL bar you will be redirect to evil.com and that is very known, read this :
http://homakov.blogspot.com/2014/01/evolution-of-open-redirect-vulnerability.html
Here is a video demonstration of the vulnerability : http://youtu.be/l0uDAqpRPpo
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue23505>
_______________________________________
More information about the Python-bugs-list
mailing list