This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author yaaboukir
Recipients benjamin.peterson, martin.panter, orsenthil, pitrou, python-dev, soilandreyes, vstinner, yaaboukir
Date 2015-03-03.00:21:44
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1425342104.28.0.189830519695.issue23505@psf.upfronthosting.co.za>
In-reply-to
Content
When you directly type //evil.com or ////evil.com in Firefox URL bar you will be redirect to evil.com and that is very known, read this : 

http://homakov.blogspot.com/2014/01/evolution-of-open-redirect-vulnerability.html

Here is a video demonstration of the vulnerability : http://youtu.be/l0uDAqpRPpo
History
Date User Action Args
2015-03-03 00:21:44yaaboukirsetrecipients: + yaaboukir, orsenthil, pitrou, vstinner, benjamin.peterson, python-dev, martin.panter, soilandreyes
2015-03-03 00:21:44yaaboukirsetmessageid: <1425342104.28.0.189830519695.issue23505@psf.upfronthosting.co.za>
2015-03-03 00:21:44yaaboukirlinkissue23505 messages
2015-03-03 00:21:44yaaboukircreate