Monday, May 18, 2020 [Tweets] [Favorites]

Security Theatre in Safari Download Permissions

Nick Heer:

Twitter’s URL shortener works by creating 301 redirects, but Safari apparently doesn’t follow those to their destination URL. In some cases, that probably makes sense — large file downloads are often hosted on CDNs with inscrutable addresses. It does, however, mean that however this is supposed to benefit security or privacy is easily defeated if downloads are redirected through common URL shorteners.


Stay up-to-date by subscribing to the Comments RSS Feed for this post.

Leave a Comment