|
|
Posted by Brendan Gillatt on 10/11/07 21:25
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
worktech@gmail.com wrote:
> This is not my website I am dealing with, it is a public site that
> uses a form that has the code above. So why can't I just pass the
> data through the address bar? Is there some security in place that
> might prevent url passing of variables?
The problem arising from this is what could occur when someone bookmarks
or links to a URL with data in them. Every search engine that will find
the link will also execute the script and submit the data.
GET should always be used to _get_ data from a server, POST should always
be used to _modify_ data on a server and HEAD should always be used to
_retrieve headers_ from a server.
> If I can't do that, would writing a script that uses sockets be able
> to accomplish this somehow?
Sure it is. Read up on the HTTP specs. After all, your browser uses
sockets to send the data to the server.
> Or is it somehow not possible without
> using their html form
A HTML form simply describes what data the browser should allow a user to
submit.
- --
Brendan Gillatt
brendan {at} brendangillatt {dot} co {dot} uk
http://www.brendangillatt.co.uk
PGP Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBACD7433
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (MingW32)
iD8DBQFHDpS3kA9dCbrNdDMRAtKaAKCkJj1Tf004ECPugEavPPSIHjTKaACgg/Zf
pJPbJQfMTE9tI2fYG07n3Zo=
=+3CE
-----END PGP SIGNATURE-----
Navigation:
[Reply to this message]
|