Tuesday, April 17, 2018

Infosec quotes - validate redirects

Developers, remember: if you need to redirect your users to another web page (even if it’s to the about page on your own site) and you’re taking the page from the URL, you need to validate it before you do the redirect. Something as simple as a few if statements or regular expressions confirming it’s a page you allow will save you headaches down the road.


https://gizmodo.com/dojs-amber-alert-website-is-redirecting-visitors-to-har-1825336250
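
The "few if statements or regular expressions" check described above, as an added example that is not code from the original post. The page names, the `/docs/<slug>` pattern and the function name are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumed site layout for this example: a few fixed pages plus /docs/<slug>.
ALLOWED_PAGES = {"/", "/about", "/contact"}
ALLOWED_PATTERN = re.compile(r"/docs/[a-z0-9-]{1,64}")
DEFAULT_TARGET = "/"


def safe_redirect_target(raw):
    """Return the requested path if it is an allowed local page, else the default."""
    if not isinstance(raw, str) or not raw:
        return DEFAULT_TARGET
    # Browsers treat backslashes like slashes and ignore tabs and newlines,
    # so values containing them are refused before any parsing.
    if "\\" in raw or any(ord(c) < 0x20 or ord(c) == 0x7F for c in raw):
        return DEFAULT_TARGET
    try:
        parts = urlsplit(raw)
    except ValueError:
        return DEFAULT_TARGET
    # Any scheme or host means the value is not a path on this site.
    if parts.scheme or parts.netloc:
        return DEFAULT_TARGET
    # Allowlist check: exact page names, or the one permitted pattern.
    if parts.path in ALLOWED_PAGES or ALLOWED_PATTERN.fullmatch(parts.path):
        return parts.path  # query string and fragment are dropped on purpose
    return DEFAULT_TARGET


if __name__ == "__main__":
    # Constructed sample values for a "?next=" style parameter.
    samples = [
        "/about",
        "/docs/getting-started",
        "/about?ref=mail",
        "https://other.example/about",
        "//other.example/about",
        "/docs/../admin",
    ]
    for value in samples:
        print(f"{value!r:35} -> {safe_redirect_target(value)}")
```

Anything that fails the check falls back to the site's own home page rather than returning an error, so a tampered link still lands the visitor somewhere you control.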
