In this chapter, we reviewed an increasingly uncommon failure, named open redirects, which is derived of an incorrect URL validation when it is passed as a parameter to a variable. The main points about open redirects are the following:
- It is generated due to an incorrect URL validation in the application.
- The most common consequence is phishing.
- In some cases, the behavior depends on the browser used to interact with the application. It is because some methods used by the developers to create the redirections just work in a few browsers. Open redirects are most common in Internet Explorer.
- Despite there are other ways to interact between applications such as redirects are still useful.