Penetration Testing mailing list archives
Re: manipulating query strings
From: "Eric Paynter" <eric () arcticbears com>
Date: Tue, 24 Feb 2004 10:16:47 -0800 (PST)
Vel said:
Given the Method is "POST", can I pass values to the Hidden Input fields using the URL. i.e URL manipulation ? I know I can pass variables in URL to Server side script variables if METHOD is "GET".
The server will differentiate between GET and POST, but some libraries will abstract it so that the application sees the variables the same way. The result: some applications may not know the difference, depending on how they are built. More reliable way: save the HTML, edit it, and post it. -Eric -- arctic bears - email and name services 25 email addresses@yourdomain CA$11.95/month DNS starting at CA$3.49/month - domains from CA$25.95/year for details contact info () arcticbears com or visit http://www.arcticbears.com --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- manipulating query strings Vel (Feb 24)
- Re: manipulating query strings Eric Paynter (Feb 25)
- Re: manipulating query strings Ariel Martinez (Feb 26)
- RE: manipulating query strings Campbell Murray (Feb 25)
- Re: manipulating query strings Markus Toman (Feb 25)
- <Possible follow-ups>
- RE: manipulating query strings Kris Wilkinson (Feb 25)
- Re: manipulating query strings ma1ler_deamon (Feb 25)
- RE: manipulating query strings Toni Heinonen (Feb 25)
- Re: manipulating query strings morning_wood (Feb 26)
- Re: manipulating query strings Karsten Johansson (Feb 25)
- RE: manipulating query strings Scovetta, Michael V (Feb 25)
- Re: manipulating query strings marko (Feb 26)
(Thread continues...)
- Re: manipulating query strings Eric Paynter (Feb 25)