This bypass I found in a application while I doing pentesting. I hope it will helps you too!
- While you I trying to redirect https://targetweb.com?url=http://attackersite.com it did not redirected!
- I Created a new subdomain with with www.targetweb.com.attackersite.com
- And when I tried to redirect with https://targetweb.com?url=www.targetweb.com.attackersite.com
- It will successfully redirected to the www.targetweb.com.attackersite.com website!
- Due to the bad regex it has been successfully bypass their protection!