
Why Open Redirect Urls?

I've been going through the OWASP top 10 to get a deeper understanding of each specific type of vulnerability. I've made my way to the last item, Unvalidated URL Redirects. I und

Solution 1:

This question is a bit old now, but I'll have a go at answering it for you anyway in case you're still curious, or forgot about it completely. :)

Here are the two most common use cases for adding redirect parameters that I can think of:

  1. As a way of monitoring or warning users when they are leaving the site. On websites that want to track trends and user traffic, like Twitter with its URL shorteners, or Google with search tracking, this can be used to find out where users are going next. Websites might also scrutinize the URL and check to see if it's safe first, or just present the user with a 'leaving page' that warns them that they're leaving the domain.

  2. To remember what a user's intention was before they were necessarily diverted. For instance, a user might have tried to go directly to their account page, but they need to be redirected to the login page to sign in first. Once this is successful, the user is directed back to the page they were originally trying to access, rather than a default page, aiding continuity.

In the second case, the intended URL could indeed be passed as a hidden parameter, or as a cookie. However, both of these techniques could still be vulnerable to abuse in the same way as OWASP identifies... except possibly where the URL is stored as a session variable on the server side.
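The second use case above (sending a user back to the page they wanted once they have logged in) is where a `next`-style parameter usually appears, and the defensive way to consume it is to accept only targets that stay on your own site. The following is an added example, not code from the original post; `ALLOWED_HOSTS` and `DEFAULT_TARGET` are assumed values for a hypothetical application.

```python
from urllib.parse import urlsplit

# Hypothetical application hosts (assumption for this example); anything else
# counts as "leaving the site" and is not a valid post-login return target.
ALLOWED_HOSTS = {"example.com", "www.example.com"}
DEFAULT_TARGET = "/account"


def safe_redirect_target(next_param, allowed_hosts=ALLOWED_HOSTS, default=DEFAULT_TARGET):
    """Return `next_param` if it stays on our own site, otherwise `default`.

    Accepted: a site-absolute path ("/path?x=y") or an absolute http(s) URL whose
    host is in `allowed_hosts`. Everything else is rejected rather than repaired,
    because "fixing" hostile input is where parser disagreements become open redirects.
    """
    if not isinstance(next_param, str) or not next_param:
        return default
    # Browsers treat "\" like "/" in the authority part, so "/\evil" would leave the
    # site; C0 control characters and spaces are stripped by some parsers but not
    # others. Reject both classes outright instead of normalising them.
    if "\\" in next_param or any(ord(c) <= 0x20 for c in next_param):
        return default
    try:
        parts = urlsplit(next_param)
    except ValueError:  # e.g. malformed IPv6 literal in the host
        return default
    if parts.scheme == "" and parts.netloc == "":
        # Relative reference: require exactly one leading "/". "//host" is
        # protocol-relative (Python sets netloc), while "///host" is path-only for
        # Python but an authority for browsers; the prefix test catches both.
        if next_param.startswith("/") and not next_param.startswith("//"):
            return next_param
        return default
    # Absolute URL: http(s) only, no userinfo ("https://example.com@evil" has
    # hostname "evil"), and the (lower-cased, port-stripped) host must be allowlisted.
    if parts.scheme not in ("http", "https"):
        return default
    if parts.username is not None or parts.password is not None:
        return default
    if parts.hostname not in allowed_hosts:
        return default
    return next_param


if __name__ == "__main__":
    # Constructed inputs of the kind a "next" parameter would carry.
    for candidate in ["/account/settings", "//evil.example/", "/\\evil.example",
                      "javascript:alert(1)", "https://example.com@evil.example/",
                      "https://EXAMPLE.com:443/dashboard", "https://evil.example/"]:
        print(f"{candidate!r:45} -> {safe_redirect_target(candidate)}")
```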
