is now LinkedIn Learning!

To access courses again, please join LinkedIn Learning

All the same content you know and love

Plus, personalized course recommendations tailored just for you

All the same access to your Lynda learning history and certifications

Try LinkedIn Learning for free
Questions? Visit our help center.
Skip navigation

Vulnerability: Open redirect

Vulnerability: Open redirect: ASP.NET MVC 5 Identity: Authentication and Authorization
Vulnerability: Open redirect: ASP.NET MVC 5 Identity: Authentication and Authorization

Sometimes it’s necessary to redirect from one controller to another within the application. There is no risk on doing that if no user input is involved in the process. But, as soon as any external data is used for the redirection, vulnerabilities may appear. To prevent yourself from these kinds of attacks, try to maximally avoid the usage of open redirects. But, if you have to really use them, make sure that you have a whitelist of sites that can be used for this purpose. Also, ASP.NET MVC 5 has built-in methods for identifying internal URLs via the URL helper object on the controller class. The solution in this experiment is to verify the redirect string with URL object’s IsLocalUrl method before performing the redirect.

Resume Transcript Auto-Scroll
Skill Level Intermediate
1h 30m
Show More Show Less
Skills covered in this course
Developer Web Web Development ASP.NET ASP.NET MVC C#

Continue Assessment

You started this assessment previously and didn't complete it. You can pick up where you left off, or start over.

Start My Free Month

Start your free month on LinkedIn Learning, which now features 100% of courses. Develop in-demand skills with access to thousands of expert-led courses on business, tech and creative topics.

Start My Free Month

You are now leaving and will be automatically redirected to LinkedIn Learning to access your learning content.