In theory, relaxing the exact match makes us vulnerable to an attack if this functionality is used with a dashboard that allows unvalidated redirects.
Could a user spoof this by setting the dashboard URL to something like: http://dashboard/redirect?url=http://hacked_site ?
And if they can, what could they steal?
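Worked illustration of the scenario asked about above. This is an added example, not code from the original thread or from the project it discusses: it models a configured dashboard URL, an exact-match policy next to the relaxed prefix-match policy, a simulated dashboard `/redirect` endpoint that forwards to an unvalidated `url` query parameter, and a stricter same-origin check. `ALLOWED_DASHBOARD`, the policy functions and the simulated endpoint are all assumptions made for the demonstration.

```python
from typing import Callable, Optional
from urllib.parse import parse_qs, urlsplit

# Hypothetical configured dashboard URL (assumption, not from the thread).
# The trailing slash matters for the prefix policy: without it,
# "http://dashboard.hacked_site/" would also pass startswith().
ALLOWED_DASHBOARD = "http://dashboard/"

# Constructed attacker input, mirroring the URL in the question.
ATTACK_URL = "http://dashboard/redirect?url=http://hacked_site"


def allowed_exact(url: str) -> bool:
    """Exact-match policy: only the configured URL itself is accepted."""
    return url == ALLOWED_DASHBOARD


def allowed_prefix(url: str) -> bool:
    """Relaxed policy: anything under the configured URL is accepted.
    This is the relaxation the question is worried about."""
    return url.startswith(ALLOWED_DASHBOARD)


def allowed_same_origin_no_query(url: str) -> bool:
    """Stricter relaxation: same scheme and host as the configured dashboard,
    path under the configured path, and no query string or fragment, so a
    redirect endpoint's target parameter cannot be smuggled in."""
    want = urlsplit(ALLOWED_DASHBOARD)
    got = urlsplit(url)
    return (
        got.scheme == want.scheme
        and got.netloc == want.netloc
        and got.path.startswith(want.path)
        and got.query == ""
        and got.fragment == ""
    )


def simulate_dashboard_redirect(url: str) -> Optional[str]:
    """Model of a dashboard whose /redirect endpoint blindly forwards to the
    `url` query parameter (an unvalidated/open redirect). Returns the Location
    the browser would follow, or None if the URL is not that endpoint."""
    parts = urlsplit(url)
    if parts.path != "/redirect":
        return None
    target = parse_qs(parts.query).get("url")
    return target[0] if target else None


def final_destination(url: str, policy: Callable[[str], bool]) -> Optional[str]:
    """Where the user ends up when `url` passes `policy` and the dashboard
    forwards blindly. None means the policy rejected the URL."""
    if not policy(url):
        return None
    return simulate_dashboard_redirect(url) or url


if __name__ == "__main__":
    for name, policy in [
        ("exact", allowed_exact),
        ("prefix", allowed_prefix),
        ("same-origin, no query", allowed_same_origin_no_query),
    ]:
        print(f"{name:>22}: {final_destination(ATTACK_URL, policy)}")
```

Under the prefix policy the attacker-supplied URL is accepted because it starts with the configured dashboard URL, and the open redirect then carries the user to `http://hacked_site`; the exact-match policy and the same-origin check both reject it. Note that the stricter check only closes query-parameter redirects; a dashboard that takes redirect targets from the path or a header would still need fixing on the dashboard side, and what an attacker could then steal depends on what the application sends along with the user (which the thread does not state).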