Welcome to Tesla Motors Club
Discuss Tesla's Model S, Model 3, Model X, Model Y, Cybertruck, Roadster and More.
Register

URL Question: (Google Tutorial to Avoid Phishing)

SageBrush

REJECT Fascism
May 7, 2015
12,497
15,504
New Mexico
Google offers a nifty quizz and tutorial on catching fraudulent URLs that are used in phishing schemes.
I find the last one difficult to understand, even after I skimmed the URL rfc written by Lee. The URL (with the scheme omitted) is

//google.com/amp/tinyurl.com/y7u8ewlr

Google says the TLD is tinuyurl.com and not google.com

I'd like to understand why. Obviously my current practice of identifying the TLD as the token to the left of the first single forward slash is wrong.
 

kavyboy

Active Member
Jan 13, 2016
1,276
2,186
Spring, TX
Google is doing a redirect to what's after the /amp/. You are indeed going to google.com as the TLD, but then the browser follows google's instruction to redirect. This is specific behavior to google.com/amp/whatever, not a general browser behavior. Your current practice remains correct as far as I know.
 
  • Informative
Reactions: SageBrush

SageBrush

REJECT Fascism
May 7, 2015
12,497
15,504
New Mexico
Google is doing a redirect to what's after the /amp/. You are indeed going to google.com as the TLD, but then the browser follows google's instruction to redirect. This is specific behavior to google.com/amp/whatever, not a general browser behavior. Your current practice remains correct as far as I know.
Wow.

Does that mean that a non-escaped period after the first forward slash is a redirect ?
 

kavyboy

Active Member
Jan 13, 2016
1,276
2,186
Spring, TX
Wow.

Does that mean that a non-escaped period after the first forward slash is a redirect ?
No, there's no general case here. This is purely a google.com/amp/ thing. It's something google is doing on their side for this one particular URL. Imagine if it was instead google.com?SendMeTo=tinyurl.com/y7u8ewlr. It's pretty clear that you're going to google, and passing along a URL as well, and that the backend code is going to redirect you. That's what's happening in the real case, but it's not at all obvious.
 
  • Like
Reactions: SageBrush

SageBrush

REJECT Fascism
May 7, 2015
12,497
15,504
New Mexico
No, there's no general case here. This is purely a google.com/amp/ thing. It's something google is doing on their side for this one particular URL. Imagine if it was instead google.com?SendMeTo=tinyurl.com/y7u8ewlr. It's pretty clear that you're going to google, and passing along a URL as well, and that the backend code is going to redirect you. That's what's happening in the real case, but it's not at all obvious.
Can the behavior and URL construct be implemented by any server ?
I tried http://google.com/amp/comcast.net and received a redirection warning. Who is giving the warning, the browser or the server (or something else ) ?
 

Products we're discussing on TMC...

About Us

Formed in 2006, Tesla Motors Club (TMC) was the first independent online Tesla community. Today it remains the largest and most dynamic community of Tesla enthusiasts. Learn more.

Do you value your experience at TMC? Consider becoming a Supporting Member of Tesla Motors Club. As a thank you for your contribution, you'll get nearly no ads in the Community and Groups sections. Additional perks are available depending on the level of contribution. Please visit the Account Upgrades page for more details.


SUPPORT TMC
Top