
I need to prevent the program from executing the redirect so I can see the sensitive information


<?php
    $redirect_url = 'page2.php';
    // No exit()/die() after header(): the script keeps running and still outputs the rest of the page
    header("Location: " . $redirect_url);
?>

<div id="demo">This is sensitive information</div>

I expect the code to remain at the same page without redirecting to page2

I want to do it using the terminal or an external command supposing that I don't control the site.

Ruan Mendes
Sam
    Remove/comment out the `header()`-call that makes the redirect? – M. Eriksson Mar 29 '23 at 12:51
  • @M.Eriksson not that simple, I want to do it using the terminal or an external command supposing that I don't control the site. Just doing some testing to my code here – Sam Mar 29 '23 at 12:54
  • 2
    @Sam How would we know that if you don't explain that in your question? See https://stackoverflow.com/help/how-to-ask – Ruan Mendes Mar 29 '23 at 12:59
  • So basically you're trying to hack the site? We generally don't provide advice for the purposes of malicious acts or trying to circumvent security. Try the dark web or something. – ADyson Mar 29 '23 at 12:59
  • @ADyson I have a site that has an issue with execution after redirect but can't know how to test it, that's why I'm asking, not trying to do any malicious acts here – Sam Mar 29 '23 at 13:02
  • 5
    P.S. Unless this is an overly simplified example of the real scenario, the site will leak the info anyway. The PHP script does not `die()` after setting the header, so will continue to execute and output all the content. The redirect will mean it's not visible in the browser's main window (because the browser will follow the redirect header once it receives it), but you'd be able to see it from the Network tool, or by requesting the page from something like Postman. So no hacking required in this case, actually. – ADyson Mar 29 '23 at 13:03
  • 1
    `an issue with execution after redirect`...but what would be the point of executing anything after deciding that a redirect is needed...surely you just want to stop the script, and let the browser move to the new page? – ADyson Mar 29 '23 at 13:04
  • 1
    _"so I can see the sensitive information"_ - if that's all you need, then go and inspect the response in your browser dev tools ...? Not sure what you are on about here with "terminal or external command". – CBroe Mar 29 '23 at 13:10
  • When you post a question, make sure you include _all_ necessary information in the original question, like you not having access to the source code. – M. Eriksson Mar 29 '23 at 13:10
  • ...and note that you can [edit] the question to improve it or add things to it, when necessary. – ADyson Mar 29 '23 at 13:32

2 Answers


You can use curl which does not follow redirects by default.

See Is there a way to follow redirects with command line cURL?

curl mysite.com
Ruan Mendes
  • The one correct beneficial answer – Sam Mar 29 '23 at 13:24
  • 1
    @Sam this is the same as what I said in my answer, except I actually explained why it works and why your code isn't preventing the sensitive information from leaking. This isn't a tool which circumvents the normal behaviour of the code, it's simply one way of seeing what's already happening. But a simpler and quicker way would be just to use your browser's Network tool. :-) – ADyson Mar 29 '23 at 13:30
  • @Sam I don't necessarily suggest you do so, but for future reference it is possible to change your mind if more answers are added. And if you get a handful of reputation points (and avoid any more downvotes) you'll be able to vote on answers as well as accepting them :-) – ADyson Mar 29 '23 at 13:34
  • @ADyson I don't post or participate frequently on stackoverflow so I don't know all the details, I will try to touch on your tips next times, your comments are much appreciated – Sam Mar 29 '23 at 13:36
  • @Sam no problem. There's lots of guidance in the help centre on this kind of thing - well worth a quick read when you have a few minutes. – ADyson Mar 29 '23 at 13:44
  • @RuanMendes it's quicker if you're already on that site in your browser, pondering how to get round a redirect! That was my point :-). I am not trying to steal your answer - if you look, I specifically made it clear I wasn't suggesting that in this case. I only commented because OP said this was the "one beneficial correct answer", which I take issue with! I had also wrongly assumed (without checking their rep points) that the OP had downvoted mine for some reason, but evidently that didn't happen. – ADyson Mar 29 '23 at 13:56
  • `a much simpler explanation: "curl does not follow redirects by default."`...yes it's simpler up front, but misses the point that a lot of people mistakenly assume that setting a redirect header in server-side code immediately causes the redirect, and stops the rest of the script from executing. This assumption is the cause of security problems such as in this example where the sensitive info can still leak. I think it's important to point that out, so we identify the root cause of the scenario and how to stop it from happening, rather than just merely how to observe it. – ADyson Mar 29 '23 at 13:57
  • yes but...the question says `I need to prevent the program from executing the redirect so I can see the sensitive information` and while we've both provided an answer to that, the comments then go on to mention that they are "investigating an issue with execution after redirect"...which suggests to me that someone has reported seeing the sensitive info, and they are looking to reproduce the problem to verify the bug report. So the next inevitable question would be why it happened and how to fix it. Hence I've explained that. So both answers are probably useful in their own way :-) – ADyson Mar 29 '23 at 14:01
  • @RuanMendes I feel like if they knew that, they probably wouldn't have asked the question :-) – ADyson Mar 29 '23 at 14:04

Unless this is an overly simplified example of the real scenario, the site will leak the info anyway. The PHP script does not die() after setting the header, so will continue to execute and output all the content. Setting a header does not stop the PHP script, it simply sends an HTTP response header to the client (in this case suggesting that it might like to redirect to the provided URL instead of displaying the response body). The header, plus any other content the script outputs, is all sent to the client side, which, once it has received everything the server provides, then decides what to do with it.

The redirect will mean that the content is not visible in the browser's main window (because the browser will follow the redirect header once it receives it), but you'd be able to see it by looking at the raw response to that request in the browser's Network tool, or by requesting the page from non-browser HTTP tools such as Postman or cURL, which can be configured not to follow redirects automatically.

ADyson
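Both answers above say the same thing from two sides: the redirect header does not stop the script, and a client that does not follow redirects (curl by default, or the browser's Network tool) sees the body that was still sent. The following is an added example, not code from the question or either answer, that reproduces the "execution after redirect" leak and checks for it offline. It is written in Python rather than PHP so it can run as a self-contained test: two in-process HTTP handlers stand in for the PHP page, `LeakyRedirect` mirroring the question's script (Location header, body still written) and `CleanRedirect` mirroring the fixed script (die()/exit right after header(), so an empty body). The client uses `http.client`, which never follows redirects, so it sees the raw first response exactly as `curl` without `-L` would. The page body and the `/page2.php` path are constructed sample values.

```python
# Added example (not from the question or answers): reproduce "execution after
# redirect" and check for it. Two in-process handlers stand in for the PHP page.
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

# Constructed sample body, mirroring the <div> in the question.
SENSITIVE = b'<div id="demo">This is sensitive information</div>'


class LeakyRedirect(BaseHTTPRequestHandler):
    """302 whose body still carries the page content: the bug in the question."""

    def do_GET(self):
        self.send_response(302)
        self.send_header("Location", "/page2.php")
        self.send_header("Content-Length", str(len(SENSITIVE)))
        self.end_headers()
        self.wfile.write(SENSITIVE)  # the "script" kept running after the header

    def log_message(self, *args):  # keep the demo quiet
        pass


class CleanRedirect(LeakyRedirect):
    """302 with an empty body: what exit()/die() right after header() produces."""

    def do_GET(self):
        self.send_response(302)
        self.send_header("Location", "/page2.php")
        self.send_header("Content-Length", "0")
        self.end_headers()


def serve(handler):
    """Start handler on an ephemeral localhost port; return (server, port)."""
    srv = HTTPServer(("127.0.0.1", 0), handler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv, srv.server_address[1]


def fetch_without_following(port, path="/"):
    """Fetch once and do NOT follow the redirect (curl's default behaviour).

    http.client never follows redirects, so this returns the raw first
    response as (status, Location header, body bytes).
    """
    conn = http.client.HTTPConnection("127.0.0.1", port, timeout=5)
    try:
        conn.request("GET", path)
        resp = conn.getresponse()
        return resp.status, resp.getheader("Location"), resp.read()
    finally:
        conn.close()


def redirect_leaks_body(port, path="/"):
    """True when a 3xx response carries a non-empty body: the leak signature."""
    status, _, body = fetch_without_following(port, path)
    return 300 <= status < 400 and len(body.strip()) > 0


def demo():
    """Run the check against both handlers; return {name: (status, location, body, leaks)}."""
    results = {}
    for name, handler in (("leaky", LeakyRedirect), ("clean", CleanRedirect)):
        srv, port = serve(handler)
        try:
            status, loc, body = fetch_without_following(port)
            results[name] = (status, loc, body, redirect_leaks_body(port))
        finally:
            srv.shutdown()
            srv.server_close()
    return results


if __name__ == "__main__":
    for name, (status, loc, body, leaks) in demo().items():
        print(f"{name}: {status} -> {loc}, body={body!r}, leaks={leaks}")
```

`redirect_leaks_body` is the check worth keeping around as a regression test for the real site: any 3xx response whose body is not empty means the script carried on after setting the header. Against a live server the same observation is `curl -i http://host/page.php` (no `-L`), where the body printed after the `Location:` line is the leaked content.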