[LINK] google search hidden redirects

Richard rchirgwin at ozemail.com.au
Tue Mar 19 09:00:15 AEDT 2013


Interesting article, but I'm amused at the idea that the redirects are 
"hidden". If you've ever tried to send someone a link you found to a PDF 
on Google you get the full redirect. Eg:

http://www.google.com.au/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&ved=0CC8QFjAA&url=http%3A%2F%2Fwww.accc.gov.au%2Fcontent%2Fitem.phtml%3FitemId%3D1099496%26nodeId%3D5967b14aa8ca04fe0b86977158b48872%26fn%3DAAPT%2520submission%2520-%2520SAU%2520consultation%2520paper%2520(18%2520January%25202013).pdf&ei=R45HUYXJOoadiAfxi4Ew&usg=AFQjCNGvKJ4uP9yg-Nj6zL_RHmhszZRt6g&bvm=bv.43828540,d.dGI

Hidden in plain view! :-)

Pleased do know they can be defeated...

RC

On 19/03/13 8:43 AM, Kim Holburn wrote:
> Interesting article here:
>
> http://www.reddit.com/r/netsec/comments/1ah2gq/hacking_the_a_tag_in_100_characters_deviously/
>
> The interesting part is in the comments.  Up near the top there's a comment by neilk explaining how google search pages redirect your click through google then on to the site you supposedly clicked on.
>
> Further on alkw0ia explains that google then sends additional referrer details if they are redirecting you to a partner.
>
> Finally next UberNube explains how to stop google doing it using the redirector add-on in firefox.
>
> Creating a rule with:
>
> Include Pattern:    .+google.+/url\?.*url=([^&]*).*
> Exclude Pattern:    none
> Redirect To:        $1
> Unescape Matches:   Yes
>
>
>




More information about the Link mailing list