Open Redirection in Misconfigured OAuth
Author(s):
Ravi Solanki, Prof. Chandresh Parekh
Keywords:
Oauth2.0, Misconfigured, web Applications, Open Redirection.
Abstract
OAuth2.0 is generally used by online facility providers worldwide. OAuth security-related banners appear from time to time, and mismanagement of the protocol caused many difficulties. It verifies the user's identity for the requested website without revealing the password to the website. When a web application receives untrustworthy input, it causes the request to be readdressed to the underlying URL without any input, redirects and forwards are potential. The user-agent redirection system in OAuth is the vulnerable links because hard for developers and operators to the right way read, understand and implement all the subtle but significant requirements. In this discussion, we begin by identifying the security community's understanding of the OAuth redirection threats. The current process of the OAuth requirement, as well as its circulating best practice, will be discussed. We announce new OAuth redirection attack technologies that activity the interaction of URL construing issues with redirection controlling in majority browsers and mobile applications. In explicit, it allows attackers to hijack third party app accounts, gain access to sensitive personal info, or take special actions on behalf of affected users.
Article Details
Unique Paper ID: 149731

Publication Volume & Issue: Volume 7, Issue 1

Page(s): 780 - 784
Article Preview & Download


Share This Article

Go To Issue



Call For Paper

Volume 7 Issue 3

Last Date 25 August 2020

About Us

IJIRT.org enables door in research by providing high quality research articles in open access market.

Send us any query related to your research on editor@ijirt.org

Social Media

Google Verified Reviews

Contact Details

Telephone:6351679790
Email: editor@ijirt.org
Website: ijirt.org

Policies