[LINK] google search hidden redirects
Richard
rchirgwin at ozemail.com.au
Tue Mar 19 09:00:15 AEDT 2013
Interesting article, but I'm amused at the idea that the redirects are
"hidden". If you've ever tried to send someone a link you found to a PDF
on Google you get the full redirect. Eg:
http://www.google.com.au/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&ved=0CC8QFjAA&url=http%3A%2F%2Fwww.accc.gov.au%2Fcontent%2Fitem.phtml%3FitemId%3D1099496%26nodeId%3D5967b14aa8ca04fe0b86977158b48872%26fn%3DAAPT%2520submission%2520-%2520SAU%2520consultation%2520paper%2520(18%2520January%25202013).pdf&ei=R45HUYXJOoadiAfxi4Ew&usg=AFQjCNGvKJ4uP9yg-Nj6zL_RHmhszZRt6g&bvm=bv.43828540,d.dGI
Hidden in plain view! :-)
Pleased do know they can be defeated...
RC
On 19/03/13 8:43 AM, Kim Holburn wrote:
> Interesting article here:
>
> http://www.reddit.com/r/netsec/comments/1ah2gq/hacking_the_a_tag_in_100_characters_deviously/
>
> The interesting part is in the comments. Up near the top there's a comment by neilk explaining how google search pages redirect your click through google then on to the site you supposedly clicked on.
>
> Further on alkw0ia explains that google then sends additional referrer details if they are redirecting you to a partner.
>
> Finally next UberNube explains how to stop google doing it using the redirector add-on in firefox.
>
> Creating a rule with:
>
> Include Pattern: .+google.+/url\?.*url=([^&]*).*
> Exclude Pattern: none
> Redirect To: $1
> Unescape Matches: Yes
>
>
>
More information about the Link
mailing list