Comment by nzach

yes, I understand this is not a security risk.

but my fear is precisely that I my be sending data to a remote host while I'm completely unaware of this fact.

I tried to create a POC with some popular url shortner services, but doesn't seems to work.

what I wanted to create was a link like <host.tld>/innoc󠅥󠅣󠅕󠅢󠄝󠅙󠅔󠄪󠅑󠅒󠅓ent that redirects to google.com. in this case the "c" contains some hidden data that will be sent to the server while the user is not aware. this seems possible with the correct piece of software.