Editing URL redirection (section)

== Services ==
There exist services that can perform URL redirection on demand, with no need for technical work or access to the web server your site is hosted on.

=== URL redirection services ===
A '''redirect service''' is an information management system, which provides an internet link that redirects users to the desired content. The typical benefit to the user is the use of a memorable domain name, and a reduction in the length of the URL or web address. A redirecting link can also be used as a permanent address for content that frequently changes hosts, similarly to the [[Domain Name System]]. Hyperlinks involving URL redirection services are frequently used in spam messages directed at blogs and wikis.  Thus, one way to reduce spam is to reject all edits and comments containing hyperlinks to known URL redirection services; however, this will also remove legitimate edits and comments and may not be an effective method to reduce spam.
Recently, URL redirection services have taken to using [[AJAX]] as an efficient, user friendly method for creating shortened URLs. A major drawback of some URL redirection services is the use of delay pages, or frame based advertising, to generate revenue.

==== History ====
The first redirect services took advantage of [[top-level domains]] (TLD) such as "[[.to]]" (Tonga), "[[.at]]" (Austria) and "[[.is]]" (Iceland). Their goal was to make memorable URLs. The first mainstream redirect service was V3.com that boasted 4 million users at its peak in 2000.  V3.com success was attributed to having a wide variety of short memorable domains including "r.im", "go.to", "i.am", "come.to" and "start.at".  V3.com was acquired by FortuneCity.com, a large free web hosting company, in early 1999.<ref name="2Died" /> As the sales price of top level domains started falling from {{US$|long=no|50.00}} per year to less than {{US$|long=no|10.00}}, use of redirection services declined. With the launch of [[TinyURL]] in 2002 a new kind of redirecting service was born, namely [[URL shortening]]. Their goal was to make long URLs short, to be able to post them on internet forums. Since 2006, with the 140 character limit on the extremely popular [[Twitter]] service, these short URL services have been heavily used.

=== Referrer masking ===
Redirection services can hide the [[referrer]] by placing an intermediate page between the page the link is on and its destination. Although these are conceptually similar to other URL redirection services, they serve a different purpose, and they rarely attempt to shorten or obfuscate the destination URL (as their only intended side-effect is to hide referrer information and provide a clear gateway between other websites.) This type of redirection is often used to prevent potentially-malicious links from gaining information using the referrer, for example a [[session ID]] in the query string. Many large community websites use link redirection on external links to lessen the chance of an exploit that could be used to steal account information, as well as make it clear when a user is leaving a service, to lessen the chance of effective [[phishing]]  .

Here is a simplistic example of such a service, written in [[PHP]].
<syntaxhighlight lang="html+php">
<?php
$url = htmlspecialchars($_GET['url']);
header('Refresh: 0; url=https://' . $url);
?>
<!-- Fallback using meta refresh. -->
<html>
 <head>
  <title>Redirecting...</title>
  <meta http-equiv="refresh" content="0;url=https://<?= $url; ?>">
 </head>
 <body>
 Attempting to redirect to <a href="https://<?= $url; ?>">https://<?= $url; ?></a>.
 </body>
</html>
</syntaxhighlight>

The above example does not check who called it (e.g. by referrer, although that could be spoofed).  Also, it does not check the URL provided.  This means that a malicious person could link to the redirection page using a URL parameter of his/her own selection, from any page, which uses the web server's resources.