How to prevent open redirection attacks?

Question

Observation Un-validated Redirect: The login form is vulnerable to un-validated redirect attacks: Affected URLs: https://example.com/login.aspx?returnURL=https://www.attacker.com Impact By modifying untrusted URL input to a malicious site an attacker may successfully launch a phishing scam and steal user credentials. Recomendation Whitelist the redirect URLs and prevent redirection outside parent domain. i dont know what is the problem is that.and what they saying. My understading if login the application that redirect another un- validated page. How to fix it what is the problem is that

Joginder Banger · Answer

try this link https://www.codeproject.com/Articles/617043/Hack-Proof-Your-ASP-NET-Application-From-Cross-Sit

Upendra Pratap Shahi · Answer

Use AntiXSS library for CrossSite scripting hacking.

Upendra Pratap Shahi · Answer

https://www.microsoft.com/en-us/download/confirmation.aspx?id=43126 http://www.dotnet-programming.com/post/2015/04/12/How-to-Handle-Cross-Site-Scripting-in-ASPNET-MVC-Application.aspx https://www.nuget.org/packages/AntiXSS/4.3.0 http://wpl.codeplex.com/ Kindly read above article for Pros and cons..

Raja · Answer

how to use this sir?