NoRedirect Fx extension - ? exploitable gatekeeper

Grumpy Old Lady · Post by **Grumpy Old Lady** » Wed Aug 05, 2009 11:59 am

The proliferation of url shortening use by correspondents and many of the feeds I subscribe to makes previewing tinyurl.com and bit.ly one of the bottlenecks in a browser session for me.
I dislike having to hand over usage information to these services, and the roadblock of setting a new cookie at every visit is a slow-down, just to get a preview, so I've looked for an extension to smooth the preview path.
http://code.kliu.org/noredirect/

What kinds of exploits am I opening Fx up to by giving Kai Liu the previewing task?
If any softness, is there anything NS/ABE can help with?
On my dumb reading of it, kliu.org is as straightforward as tinyurl.com and bit.ly for previewing redirection of urls.

Post by **Giorgio Maone** » Wed Aug 05, 2009 3:04 pm

Looks a cool complement to NoScript (BTW, did you notice the plug in the "Miscellanea" section?)
Unless it has coding vulnerability of its own (e.g. insufficient sanitization of the URLs), it seems better to have than not.
I'll try to perform a quick code review ASAP.

Post by **Giorgio Maone** » Wed Aug 05, 2009 3:11 pm

Code review performed, looks kosher and safe.
Installing for myself too

dhouwn · Post by **dhouwn** » Sat Mar 12, 2011 3:33 pm

Compatible with Firefox 4 now.

InformAction Forums

NoRedirect Fx extension - ? exploitable gatekeeper

NoRedirect Fx extension - ? exploitable gatekeeper

Re: NoRedirect Fx extension - ? exploitable gatekeeper

Re: NoRedirect Fx extension - ? exploitable gatekeeper

Re: NoRedirect Fx extension - ? exploitable gatekeeper