• Lakshmi Sirisha
  • NEWBIE
  • 0 Points
  • Member since 2017

  • Chatter
    Feed
  • 0
    Best Answers
  • 0
    Likes Received
  • 0
    Likes Given
  • 1
    Questions
  • 1
    Replies
I'm currently stuck on the "Learn Standard Open Redirect Preventions" challenge of the "App Logic Vulnerability Prevention" module.

The challenge is to submit a valid open redirect attack starting from the Standard Redirect Protections Challenge tab.

However, the links on this page are all to standard record pages, where the hack (e.g changing retURL to returl) won't work (it only works on VF pages).

Can anyone give me some advice on where I'm missing something on the challenge?
I'm currently stuck on the "Learn Standard Open Redirect Preventions" challenge of the "App Logic Vulnerability Prevention" module.

The challenge is to submit a valid open redirect attack starting from the Standard Redirect Protections Challenge tab.

However, the links on this page are all to standard record pages, where the hack (e.g changing retURL to returl) won't work (it only works on VF pages).

Even if I attempt this and check the challenge, the error I get states: "It doesn't appear that you've successfully redirected to an external website using the Visualforce page. Please try again." - so it implies that it expects me executing this from a custom VF page.

Can anyone give me some advice on where I'm missing something on the challenge?