Without commentary these slides are entirely unhelpful. Someone would have to agree with you already and have a head start on the purpose this presentation in order to understand what is going on here.
The premise is that URL parsing is complex and libraries get it wrong. This problem is pervasive and leads to server side request forgery vulnerabilities, which Orange was able to escalate to remote code execution on Github.
https://www.youtube.com/watch?v=D1S-G8rJrEk
He also has a blog post about it:
http://blog.orange.tw/2017/07/how-i-chained-4-vulnerabilitie...
The premise is that URL parsing is complex and libraries get it wrong. This problem is pervasive and leads to server side request forgery vulnerabilities, which Orange was able to escalate to remote code execution on Github.