[issue35748] urlparse library detecting wrong hostname leads to open redirect vulnerability

2019-01-16 Thread Neeraj Sonaniya
Neeraj Sonaniya added the comment: Hi, I know that \ (backslash) should be encoded to URL encoding (%5c), but if the same URL (without urlencoded form) is typed into the URL bar of a browser we are getting hostname to 'https://www.google.com

[issue35748] urlparse library detecting wrong hostname leads to open redirect vulnerability

2019-01-15 Thread Neeraj Sonaniya
New submission from Neeraj Sonaniya: Summary: It has been identified that `urlparse` under the `urllib.parse` module is detecting the wrong hostname, which could lead to a security issue known as an open redirect vulnerability. Steps to reproduce the issue: Following code will help you