Rated 5 out of 5 stars

by NinjaSentry on May 30, 2015 · permalink

I like this addon a lot. Took a few minutes to figure out, but it works great.

A good overview of the different types of redirects can be found on Wikipedia :
http://en.wikipedia.org/wiki/URL_redirection

NoRedirect can be used to protect against exploit kits and servers infected with malware such as cdorked, by intercepting their malicious redirects.

It can detect HTTP headers ( 301 / 302 etc ), and HTTP refresh / meta-refresh. It does not work on javascript window.location redirects.

There are very few options, so it's hard to go wrong. Using it like a firewall in default block all mode, I removed all the default filters and added one catch all wildcard filter to intercept redirects globally from any website.

My test pattern :

^https?://(?:[^/]+\.)?(?:.+)\(?:.+)

When you leave all the checkbox options unchecked, this mode will give you a redirect warning with a message showing the status code or header redirect type, with a link to the redirect location that you can click on, if all is ok.

Checking the DNS error page option will give you the Firefox error page that the site can't be found. This option could be used when targeting exploit kit redirect patterns specifically. A custom error page with a brief description or NoRedirect logo would be even better, so you know it's not really an error..

Thanks Kai Liu, great work.

--

@davesocal - "There is no support documentation to explain the syntax of the filter expressions to use"

Mozilla has a very nice page on Regular Expressions :
https://developer.mozilla.org/en/docs/Web/JavaScript/Guide/Regular_Expressions

--