Redirection: please explain how it's done.

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

I am doing programming stuff with SOAP web services via Silverlight.
A database is also involved (Microsoft SQL Server).  I'd like to know
if somehow somebody can take my app and somehow redirect it so it
takes a user to some malware sight and/or steals the data that comes
from the web services server.  If that makes sense. The URL is http,
not https.

I really don't know much about this topic, but I can't off the top of
my head figure out how somebody would do a redirect, since I own the
web services server, and the user would be getting web services data
from my server through my Silverlight app residing on the server.

But I notice that some IDEs and programming languages talk about "anti-
spoofing" measures so I assume it must somehow be possible, akin to a
SQL Injection attack popular a decade ago.

How is it done?  Please explain.


Re: Redirection: please explain how it's done.

RayLopez99 wrote:

Quoted text here. Click to load it


Re: Redirection: please explain how it's done.

Quoted text here. Click to load it
 ecade ago.
Quoted text here. Click to load it

I take it you are a member.  Can you please post the question above at
the OWASP forum, and let me know what they say?  I don't want to spend
$50, the membership fee, to find out... <g>.



The Open Web Application Security Project (OWASP) is a 501c3 not-for-
profit worldwide charitable organization focused on improving the
security of application software. Our mission is to make application
security visible, so that people and organizations can make informed
decisions about true application security risks. Everyone is free to
participate in OWASP and all of our materials are available under a
free and open software license.

Site Timeline