Prevent Open URL Redirect

  1. FAQ
  2. Prevent Open URL Redirect
//coded by Myo Soe, https://yehg.net

function prevent_open_redirect($url, $approved_domains){
    $url =  normalizer_normalize ($url); // http://php.net/manual/en/normalizer.normalize.php 
    $parse = parse_url($url);
    if (!in_array($parse['host'], $approved_domains))
    {
    die("Disallowed URL");
    }else{echo "GOOD URL";}
    return $url;
}

$approved_domains = array ("yehg.net", "seckb.yehg.net");
prevent_open_redirect("https://secyehg.net/",  $approved_domains);
prevent_open_redirect("https://yehg.net.attacker.in/",  $approved_domains);
prevent_open_redirect("https://yehg.net%00attacker.in/",  $approved_domains);
Published with GitBook · Last edit March 16th 2018

results for ""

    No results matching ""