I would like to create a URL syntax checker so that can verify a cerrtain URL not a phish site. But I am also aware that some URL have valid syntax but is still a phish site.
To answer this, I am looking for some measures on how to verify a URL and its correct DNS equivalent.
I am doing a project of mine as one of our requirements and I have decided to create a web browser (already done) and I have included there 3 anti-phish tools. One of the tools is to check for URL syntax error. i have searched for such but has given me no good results that can be of any help to my project.
I was hoping that some of the bright minds here could help me or enlighten me in my search. Thanks.
How to Create a URL syntax checker in C#
Jamie Thomson
I need to put it in an application (C#) and that for every url text in the textbox, when I clicked the button "GO" the url in the textbox will be check for proper syntax before the page will be loaded in my self-made browser.
In regards to this, I have recently read about url conversion to its equivalence in the DNS server. I thought if I could make a program that will check a URL's ip equivalence (DNS equivalence) and would verify if its a good URL, not a spoof.
Ichi
AlexBB
Is this a good means for catching URL that is not valid or URL having embedded username or redundant "www" or "http://" and the likes I am trying to catch a phish site by filtering the URL and checking its validity.
Alain
hawash
1. Create a URI and determine whether the initial link is valid or rather, well formed. Check also the Query collection of the URI class and scan each key|value pair for words like "username" or "password".
2. If it is valid then create a HTTPWEBREQUEST to grab the contents of the page.
3. Write a validator to check whether the page contains META REFRESH or Javascript Window.Location code (Regex)
4. If the page contains redirection then stop the request and add to a blocked list.
5. Check the response URI (httpwebrequest class) and if it is totally different to the initial URI host property then block the URI and add to blocked list.
6. If URI passes all checks then add to SAFE LIST.
gorla
They use database. They have lists of IP addresses of well known domain names such as yahoo and google. When a certain url (maybe a spoof) attempts to navigate, the url was checked its IP equivalence and if it was found that it was different in their database, it would be possible a phish.
I'm not quite sure about that but thats how I see it. =D
ratslav
Wil Burton
Hi,
you could try to create an instance of the System.Net.Uri class, if the URI is incorrect then an exception will be thrown from the constructor: http://msdn.microsoft.com/library/default.asp url=/library/en-us/cpref/html/frlrfsystemuriclassctortopic1.asp
Mark.
Juco
gordon LI
The checking will be something like, the format of the url, if the url contains embedded usernames. or something like that.
Ichi
chemist
Well wat ur telling is going to server side for validation ..
but y to waste a server round trip
u can simply do tat on client side .
u can go for wat u suggested but tat would be unnecessary load on server ..n to do on client side u can do tat by using javascript
well if u feel u want to then u tell m i wil help u out
if u want to server side validation then u can do the way u told
ahmedilyas
this onBblur event is on text box n it is invoket wen u are out of focus
from ur text box i.e as soon as u remove focus from textbox this event is called
mexy
U cant exactly use it in ur .cs file but u can use it as a script in ur .aspx page
u can make javascript n use it in Head of ur .Aspx page
the same we use javascript in Html
Philip Wagenaar - Nashuatec
How can you tell that from an IP address And how can you assume that the user enters (or copies) each URL into your address textbox - what about links and redirects (or did I get your paragraph wrong )
SiTec
Scott_P
But by this u can only check for some famous URL's
wat about rare ones ..