Nonstandard query string markers and field separators in a web application

0 votes

In some of the websites I have seen that the parameters aren't being passed in the url qeury string in a typical manner as below.

www.abc.com/xyz?foo=bar

But they are being passed in a different way:

www.abc.com/xyz;foo=bar

My question is: Should I consider these as entry points or neglect them?

Aug 22, 2019 in Cyber Security & Ethical Hacking by Karan
24 views

1 answer to this question.

0 votes

You should definitely consider them as entry points. The url query string mentioned in the question

www.abc.com/xyz;foo=bar

is just a custom scheme for requests but the purpose is the same. Some other example of customized schemas are:

www.abc.com/xyz;foo%3dbar
www.abc.com/xyz?param=foo:bar
answered Aug 22, 2019 by Likith

Related Questions In Cyber Security & Ethical Hacking

0 votes
1 answer
0 votes
1 answer
0 votes
0 answers

I do not have a real result about encryption file use AES mode CFB in pycrptodome on python

I'm using Ubuntu win. on python I ...READ MORE

Aug 22, 2019 in Cyber Security & Ethical Hacking by Ahmed
• 310 points

closed Aug 22, 2019 by Ahmed 51 views
0 votes
1 answer
0 votes
1 answer