Total: 9
Promotes: 9
Demotes: 0
  Would it be an idea to warn user about redirect-URLs?

IdeaSpace: Notes Client / Mail
Tags: spam url protection
Author: Robert Ibsen Voith on 09 Feb 2016
Status: Open
Linkage: Permalink / Email

I have written a lengthy explanation here 
Very shortly; Prompt the user when he or she attempt to click on a mail link containing a redirect-URL. These URLs uses the at-sign to redirect to other sites. The format is like this:
http:// <user info> @ < the real url>
Traditionally this format has been used to transport username and password to the site, and thus logging into a basic authentication site. However, it is fully up to < the real url> what to do with the <user info>. 
In the blog post I reference in the beginning, I show how the URL can  be transformed to this:
Looks much the same, right? However, it uses the redirect at-sign, and redirects the call to a Norwegian newspaper ( were I have converted's IP address to an integer. All valid URL-stuff, but easy to overlook. 

I therefore hope IBM will allow a configurable dialog box to pop up when such links are clicked, to both warn - and possible show where the link would end up.

iPhone View | Classic View