I am not hurting anyone ... am I ? (page redirects).

craigkenisston

Hi,

I recently read a lot about a topic called page hijacking. It seems
that you can steal page rank from search engines while doing a
redirect.

I reminded I had a code in some pages, where someone clicks a link on
my site, I first go to a page to save the link, then I have a redirect
to the site (I want to count this clicks out).

The code looks like :

if (Request.Params["target"] != null)
{

string target = Request.Params["target"];
string source = ConfigurationSe ttings.AppSetti ngs["DomainName "]
string ClientIP;
ClientIP = Request.UserHos tAddress;

trafficMgmt trafficMgmt = new mydomain.traffi cMgmt();
trafficMgmt.Add Click(source, ClientIP, target);

Response.Redire ct(target);
}

Could this code hurt the target site ?
Which code does this Response.Redire ct to the browser ? Is it 301 or
302 ? Which is the effect on each code ?

Thanks in advance.

Nov 19 '05 #1

Subscribe Reply

1868

Nicole Calinoiu

With this setup, you actually have a much more serious problem than
potential effects on other folks' sites. Your site is currently allowing
redirection to any target URL provided in the query string. This means that
someone with malicious intent could attempt to get users who trust your site
to visit his site via use of a URL like the following:
http://www.yoursite.com/redirector.a...ww.badsite.com. Users who
trust your site are much more likely to click such a link than they would be
to click one that leads directly to the redirection target.

If you want to perform redirection tracking while avoiding this problem, you
have two main options:

1. Separate the navigation from the tracking (e.g.: by using <a> tags with
href pointing to the target URL and onclick event launching the tracking).
Since this will make it possible for at least some redirections to take
place without being tracked (e.g.: if client browser has javascript
disabled), this may not be suit your requirements particularly well.

2. Assign each target URL a unique identifier, then have your redirector
page map from the identifier to the target URL on the server prior to
redirection.

<cr************ @hotmail.com> wrote in message
news:11******** *************@g 14g2000cwa.goog legroups.com...

Hi,

I recently read a lot about a topic called page hijacking. It seems
that you can steal page rank from search engines while doing a
redirect.

I reminded I had a code in some pages, where someone clicks a link on
my site, I first go to a page to save the link, then I have a redirect
to the site (I want to count this clicks out).

The code looks like :

if (Request.Params["target"] != null)
{

string target = Request.Params["target"];
string source = ConfigurationSe ttings.AppSetti ngs["DomainName "]
string ClientIP;
ClientIP = Request.UserHos tAddress;

trafficMgmt trafficMgmt = new mydomain.traffi cMgmt();
trafficMgmt.Add Click(source, ClientIP, target);

Response.Redire ct(target);
}

Could this code hurt the target site ?
Which code does this Response.Redire ct to the browser ? Is it 301 or
302 ? Which is the effect on each code ?

Thanks in advance.

Nov 19 '05 #2

Similar topics

2697

Google page rank and 'header' redirects

by: while_1 | last post by:

If I have a links page that uses php header calls, for each link, to jump to an external page, does Google see those links as "internal to my site" or do they get counted as links to the redirect? IE: people ask me to exchange links all the time. Sometimes (usually not) I do it, but always with a link to in interal-to-my site file that has a header("Location: http://someothersite.com");

PHP

4077

Message while processing page.

by: chints | last post by:

Hi, I have a very unique problem, i am submitting from a pdf form, when submitted goes to a asp page, which saves the data and redirects to a different page after saving the data. I am writing a message called 'Processing Form please wait' in the page where it is saving the data and doing a response.flush(and i also di response.buffer =true) but still it seems like it never hits this page. When the user submits the form, it just stays on...

ASP / Active Server Pages

1457

Message while processing asp page

by: Chints | last post by:

ASP / Active Server Pages

4332

posting to server but staying on same page

by: wk6pack | last post by:

Hi, I have a problem and not quite how to go about solving it. I have a form written in asp. I wish to submit the form and have the server return back to the same page without actually refreshing the page. I know I could write a form, submit it and go to another page. I've searched the web and I see something about HTTP Status code of 204

ASP / Active Server Pages

2623

how to detect who redirects traffic to a aspx page? is this info passed along in request object or can sites anonymously redirect traffic to other sites?

by: Daniel | last post by:

how to detect who redirects traffic to a aspx page? is this info passed along in request object or can sites anonymously redirect traffic to other sites?

.NET Framework

3608

Redirect a page after a new window opened?

by: Nazir | last post by:

I am trying to do something pretty simple - but can't see how it can be done in ASP.NET. I have an aspx web page with a form which opens up a new window. The web page uses code behind to build the new window. There is simple validation on the form. However, after the form page validates and opens the new window, I want it to redirect to another page (or stop displaying the form).

ASP.NET

2054

Weird Problem: Auto-Jump page doesn't show up in "BACK" history

by: VB Programmer | last post by:

I created a page which I am using to prevent the user from hitting the BACK button. I'll call it my "Auto Jump" page. When it is called it basically auto-redirects to a page specified in the QueryString. (We'll call the page it goes to the "destination page".) If the user hits BACK on the destination page it should goto the "Auto Jump" page which should put you right back to where you hit the button. In Page_Load of this "Auto Jump"...

ASP.NET

264

I am not hurting anyone ... am I ? (page redirects).

by: craigkenisston | last post by:

ASP.NET

1628

Redirecting a page during an xmlRequest script

by: mherman3 | last post by:

I have a page that sends a request to another PHP page on my site. If I try and set the header in the page that is being called, with header(Location: ...), the site doesn't get redirected like I'd like it to, it just writes a response to the original page. The response that it writes is the HTML of the page that I'd like the site to be redirected to. Is there a way that I can redirect from the script that is being called through an...

PHP

9525

Changing the language in Windows 10

by: Hystou | last post by:

Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...

Windows Server

10452

Problem With Comparison Operator <=> in G++

by: Oralloy | last post by:

Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...

C / C++

10221

Maximizing Business Potential: The Nexus of Website Design and Digital Marketing

by: jinu1996 | last post by:

In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth. The Art of Business Website Design Your website is...

Online Marketing

10003

Discussion: How does Zigbee compare with other wireless protocols in smart home applications?

by: tracyyun | last post by:

Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...

General

9050

AI Job Threat for Devs

by: agi2029 | last post by:

Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own.... Now, this would greatly impact the work of software developers. The idea...

Career Advice

7546

Access Europe - Using VBA to create a class based on a table - Wed 1 May

by: isladogs | last post by:

The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms. Adolph will...

Microsoft Access / VBA

6785

Couldn’t get equations in html when convert word .docx file to html file in C#.

by: conductexam | last post by:

I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...

C# / C Sharp

3730

How to add payments to a PHP MySQL app.

by: muto222 | last post by:

How can i add a mobile payment intergratation into php mysql website.

PHP

2924

Comprehensive Guide to Website Development in Toronto: Expert Insights from BSMN Consultancy

by: bsmnconsultancy | last post by:

In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...

General