Hacker News new | ask | show | jobs
by nickfrostatx 3685 days ago
Given how important domain names are for security, it would be concerning if domain names get truncated.

I could craft:

evil.net/this-is-a-very-very-long-path/bankofamerica.com/account-settings/blah/blah/blah

Which, depending on how this is implemented, might render to

...bankofamerica.com/account-settings/blah/blah/blah
2 comments
notahacker 3685 days ago
this horse bolted long ago with ubiquitous shortURL services
link
niccaluim 3685 days ago
The domain and path are truncated separately. Your example would be displayed as evil.net/this-is-a-very-very-lo…
link
ludamad 3685 days ago
So evil-bank-of-america.net would do?
link
niccaluim 3685 days ago
That wouldn't be truncated, no. It's not long enough.
link