TMC is an independent, primarily volunteer organization that relies on ad revenue to cover its operating costs. Please consider whitelisting TMC on your ad blocker and becoming a Supporting Member. For more info: Support TMC

URL Question: (Google Tutorial to Avoid Phishing)

Discussion in 'Off Topic' started by SageBrush, Sep 26, 2019.

  1. SageBrush

    SageBrush 2020: Drain the Sewer

    Joined:
    May 7, 2015
    Messages:
    11,167
    Location:
    New Mexico
    Google offers a nifty quizz and tutorial on catching fraudulent URLs that are used in phishing schemes.
    I find the last one difficult to understand, even after I skimmed the URL rfc written by Lee. The URL (with the scheme omitted) is

    //google.com/amp/tinyurl.com/y7u8ewlr

    Google says the TLD is tinuyurl.com and not google.com

    I'd like to understand why. Obviously my current practice of identifying the TLD as the token to the left of the first single forward slash is wrong.
     
  2. kavyboy

    kavyboy Active Member

    Joined:
    Jan 13, 2016
    Messages:
    1,130
    Location:
    Spring, TX
    Google is doing a redirect to what's after the /amp/. You are indeed going to google.com as the TLD, but then the browser follows google's instruction to redirect. This is specific behavior to google.com/amp/whatever, not a general browser behavior. Your current practice remains correct as far as I know.
     
    • Informative x 1
  3. SageBrush

    SageBrush 2020: Drain the Sewer

    Joined:
    May 7, 2015
    Messages:
    11,167
    Location:
    New Mexico
    Wow.

    Does that mean that a non-escaped period after the first forward slash is a redirect ?
     
  4. kavyboy

    kavyboy Active Member

    Joined:
    Jan 13, 2016
    Messages:
    1,130
    Location:
    Spring, TX
    No, there's no general case here. This is purely a google.com/amp/ thing. It's something google is doing on their side for this one particular URL. Imagine if it was instead google.com?SendMeTo=tinyurl.com/y7u8ewlr. It's pretty clear that you're going to google, and passing along a URL as well, and that the backend code is going to redirect you. That's what's happening in the real case, but it's not at all obvious.
     
    • Like x 1
  5. SageBrush

    SageBrush 2020: Drain the Sewer

    Joined:
    May 7, 2015
    Messages:
    11,167
    Location:
    New Mexico
    Can the behavior and URL construct be implemented by any server ?
    I tried http://google.com/amp/comcast.net and received a redirection warning. Who is giving the warning, the browser or the server (or something else ) ?
     

Share This Page

  • About Us

    Formed in 2006, Tesla Motors Club (TMC) was the first independent online Tesla community. Today it remains the largest and most dynamic community of Tesla enthusiasts. Learn more.
  • Do you value your experience at TMC? Consider becoming a Supporting Member of Tesla Motors Club. As a thank you for your contribution, you'll get nearly no ads in the Community and Groups sections. Additional perks are available depending on the level of contribution. Please visit the Account Upgrades page for more details.


    SUPPORT TMC