Web applications URLs describe what kind of request is being send by a user.
Eg; https://www.researchgate.net/topics?ev=nav_discussions
In the link give above;
1- /topics tells that the user visits the topics page.
2- ev=nav_discussions send a dynamic info to the web server, this info could be a data id in the database.
All visited links could be stored in the browser history.
Those these pose a serious risk to the web application user or application, especially in the case of sensitive applications like Banking Softwares and government systems?
Usually no sensitive information should be send to the server through post methods. The query string values SHOULD be checked according to user's access rights and state, otherwise the web-application suffers from serious and basic design flaw.
I think you only have part of the picture. What you've shown is a GET request, which merely fetches what is probably a login request page. This will prompt you for username/password, and issue a POST request, which shows nothing in the URL, and will almost certainly execute a CGI binary, which does the authentication. If the system has been set up competently, the htdocs directory will have no POST permission, and the cgi-bin directory will have no GET permission. This will ensure that malicious parasites can't upload files to the former, and can't read files in the latter.
Here's an unpublished link, used to test our security system:
www.designsim.com.au/login.html
Try accessing it, then try logging in as TestManager. Watch the URL's. You'll find nothing that can be exploited.
- Badges
- Science topic
- Similar topics
- Computer Science
- Computing