How to force unencoded url to show in users browser? - asp.net

I'm using ASP.NET and am looking to redirect users to a page that includes an easily human readable URL. Every method I've tried takes in the URL and encodes it.
Since none of the parameters are taken into the page or processed in any way, I don't believe there are any security concerns with turning the %20 into a space. If there is an IIS rule this would work on, I would be fine to turn off encoding on this one page, but I can't turn it off for the whole page as this is a special use case.
I've already tried having Response.Redirect and Server.Transfer, and I cannot use Literals as putting the query into the page somewhere could allow an XSS vulnerability.
Expected:
example.com/test?message=Hello World
Actual:
example.com/test?message=Hello%20World
Edit For More Clarity:
<script>
    console.log(window.location.pathname + window.location.search);
    function replaceAll(str, find, replace) {
        return str.replace(new RegExp(find, 'g'), replace);
    }
    console.log(window.location.pathname + replaceAll(window.location.search, '%20', ' '));
    window.history.pushState(window.location.search, "Title", window.location.pathname + replaceAll(window.location.search, '%20', ' '));
</script>
This will write the current URL to the console, then the URL I'd like to see, but then the pushState does not actually update the URL to one without the encoding - it automatically re-encodes it.
I understand this may be impossible, but if someone could explain why then I will at least be able to stop trying so hard to find a solution.

As per Brando Zhang's comment this appears impossible.

Related

how to forward a link with URI to another link with the same URI

My program directs users to a webpage with their username and password. E.g.
http://example.html?username=username&password=password.
Now I created another page in asp.net and I want some code on example.html to redirect the link to http://example.aspx?username=username&password=password.
So what I want is to get the URI from the first URL and direct it to the new URL by appending the URI.
Any suggestions?
You can grab the querystring in its entirety via
window.location.search
See this with more about that. Using this, you can extract the parameters, append them to a new URL, and render the link, or set
window.location = "example.aspx" + window.location.search
I believe search comes with "?", but I could be wrong. I assume this is an example; note it's not a good practice to pass the password through a querystring as clear text, especially if you are not using HTTPS. It's generally advisable to do a POST operation, not a GET operation with querystring, when it comes to sensitive information.
Use window.location.search to get everything after "?". Then you can just direct the new aspx page using this JavaScript line.
window.location = "example.aspx" + window.location.search

How to remove the "?" character from g-wan URIs

I have checked cache.c <- totally clueless what it is doing or how to have pretty permalinks to servlet calls.
Update: OK, I know what the above does, but the problem is you have to call the above script first before you can access it as permalink. Is there any way I can access permalinks without using "?" at all (in the first place)?
I have also checked on this link: Anatomy of G-WAN URI servlets
I would like to have http://example.com:8080/servlet/arg1/arg2, without "?", and would like the above link to reference "servlet" to servlet.c.
Basically, like this pretty URL for this question
https://stackoverflow.com/questions/27084626/how-to-remove-in-g-wan-url-completely
See...no "?" within the URL.
Is this possible?
I have also checked
u8 *query_char = (u8*)get_env(argv, QUERY_CHAR);
*query_char = '!'; // use "/!hello.c" instead of "/?hello.c"
I know I can't do
*query_char = '';
You can rewrite the URL with a handler; there is a simple rewrite example.

URL filtering, issues with URL

I am working on a URL filtering project. I have a database given to me which contains URLs that need to be blocked (e.g. a.b.com/d/e).
I get the URI and domain from the HTTP request. I compare what I get with my database and redirect users without any problem. So far so good.
Problems start with URLs that contain a query string and other magic with the URL. As an example, if the user enters a.b.com/d/e?junk, what I get won't match my database, and users will bypass my filter and still be able to go to a.b.com/d/e.
I tried some useless actions like slicing off everything after special chars like "?" and "#". But I have problems with URLs like youtube.com/watch?v=12vh55_1ul8, which becomes youtube.com/watch and blocks all of YouTube. That solution causes me more problems.
Now I am very confused about how to handle this problem. Is there any guide or library which I can use in C++?
Try this code:
string str (get_requsted_uri());
string str2 ("http://getaroundfilters.com/article/889/proxy");
if (str.find(str2) != string::npos) {
    block();
} else {
    get_and_return_webpage(str);
}
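The matching problem from the question, as an added example that is not part of the original posts: parse the request URL, normalise host and path, and compare against each database rule by component, so that `?junk`, `#frag`, `%65` or `/x/../` no longer slip past and a rule carrying a query string blocks only that one video. It is written in JavaScript with the standard `URL` class rather than C++; `normPath`, `parseRule` and `isBlocked` are hypothetical names, and blocking unparsable URLs is an assumption.

```javascript
// Added example: canonicalise the request URL, then match rules by component.
// Rules use the database's "host/path[?query]" form; both samples come from the question.
const RULES = ["a.b.com/d/e", "youtube.com/watch?v=12vh55_1ul8"].map(parseRule);

function normPath(pathname) {
  let p = pathname;
  try { p = decodeURIComponent(pathname); } catch { /* malformed escape: keep raw */ }
  // Collapse "//" and drop a trailing "/" so "/d/e/" and "/d//e" equal "/d/e".
  return p.replace(/\/{2,}/g, "/").replace(/\/$/, "");
}

function parseRule(rule) {
  const u = new URL("http://" + rule); // rules are stored without a scheme
  return { host: u.hostname, path: normPath(u.pathname), params: [...u.searchParams] };
}

function isBlocked(requestUrl, rules = RULES) {
  let u;
  try { u = new URL(requestUrl); } catch { return true; } // assumption: fail closed
  const path = normPath(u.pathname); // URL() already lowercased the host and resolved ".."
  return rules.some((r) => {
    if (u.hostname !== r.host) return false;
    // Match the rule path itself or anything below it, but not "/d/elephant".
    if (path !== r.path && !path.startsWith(r.path + "/")) return false;
    // Query parameters named in the rule must be present; extra ones are ignored.
    return r.params.every(([k, v]) => u.searchParams.getAll(k).includes(v));
  });
}

// Constructed sample requests.
for (const url of [
  "http://a.b.com/d/e?junk",
  "http://A.B.com/x/../d/%65#frag",
  "http://a.b.com/d/elephant",
  "http://youtube.com/watch?t=10&v=12vh55_1ul8",
  "http://youtube.com/watch?v=another",
]) {
  console.log(isBlocked(url) ? "BLOCK" : "allow", url);
}
```

Paths are compared case-sensitively here; whether to fold case depends on the servers being filtered.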

Nesting HTTP GET parameters (request within a request)

I want to call a JSP with GET parameters within the GET parameter of a parent JSP. The URL for this would be http://server/getMap.jsp?lat=30&lon=-90&name=http://server/getName.jsp?lat1=30&lon1=-90
getName.jsp will return a string that goes in the name parameter of getMap.jsp.
I think the problem here is that &lon1=-90 at the end of the URL will be given to getMap.jsp instead of getName.jsp. Is there a way to distinguish which GET parameter goes to which URL?
One idea I had was to encode the second URL (e.g. = -> %3D and & -> %26) but that didn't work out well. My best idea so far is to allow only one parameter in the second URL, comma-delimited. So I'll have http://server/getMap.jsp?lat=30&lon=-90&name=http://server/getName.jsp?params=30,-90 and leave it up to getName.jsp to parse its variables. This way I leave the & alone.
NOTE - I know I can approach this problem from a completely different angle and avoid nested URLs altogether, but I still wonder (for the sake of knowledge!) if this is possible or if anyone has done it...
This has been done a lot, especially with ad serving technologies and URL redirects.
But an encoded URL should just work fine. You need to completely encode it, though. A generator can be found here
So this:
http://server/getMap.jsp?lat=30&lon=-90&name=http://server/getName.jsp?lat1=30&lon1=-90
becomes this: http://server/getMap.jsp?lat=30&lon=-90&name=http%3A%2F%2Fserver%2FgetName.jsp%3Flat1%3D30%26lon1%3D-90
I am sure that jsp has a function for this. Look for "urlencode". Your JSP will see the contents of the GET-Variable "name" as the unencoded string: "http://server/getName.jsp?lat1=30&lon1=-90"
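The difference between the two URLs above, seen from the receiving side (an added example, not code from the original posts): it builds both forms and parses them the way a server splits a query string, showing where `lon1` ends up in each case. The function names are hypothetical; the URLs are the ones from the question.

```javascript
// Added example. The URLs are the ones from the question.
const OUTER = "http://server/getMap.jsp?lat=30&lon=-90&name=";
const INNER = "http://server/getName.jsp?lat1=30&lon1=-90";

// Plain concatenation: the inner "&lon1=-90" becomes a parameter of getMap.jsp.
function buildNaive(inner) {
  return OUTER + inner;
}

// Encode the whole inner URL as one component so "?", "=" and "&" stay inside "name".
function buildEncoded(inner) {
  return OUTER + encodeURIComponent(inner);
}

// What getMap.jsp receives: its parameter names and the decoded value of "name".
function outerView(url) {
  const params = new URL(url).searchParams;
  return { names: [...params.keys()], name: params.get("name") };
}

// What getName.jsp receives once getMap.jsp calls the URL it found in "name".
function innerView(url) {
  const inner = new URL(outerView(url).name);
  return Object.fromEntries(inner.searchParams);
}

console.log(outerView(buildNaive(INNER)), innerView(buildNaive(INNER)));
console.log(outerView(buildEncoded(INNER)), innerView(buildEncoded(INNER)));
```

If the inner URL itself has to carry another URL, the same encoding step is applied once per nesting level, innermost first.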

Open Redirect or Header Manipulation issues from Fortify scan on asp.net

We did a Fortify scan on our ASP.net application. We found that there are many header manipulation issues. All the issues are pointing to Response.Redirect(). Please have a look at the below code where I encoded the parameters. Even then the below code is counted as header manipulation issue.
int iCount = 0;
// Parameter names are taken from the request and appended as-is; only values are encoded.
foreach (string Name in Request.QueryString.Keys)
{
    iCount++;
    if (iCount > 1)
    {
        url += "&";
    }
    url += Name;
    if (Request.Params[Name] != null)
    {
        url += "=" + AntiXss.UrlEncode(Request.Params[Name]);
    }
}
Response.Redirect(Server.UrlPathEncode(page.root) + "/Test.aspx?" + url);
Can somebody let me know what else is required to change here to resolve the issue?
Take off the Server.UrlPathEncode(page.root) portion and use Server.Transfer() instead of Response.Redirect().
Server.Transfer() transfers the user to another page on the same site and poses little to no danger of accidentally directing someone to another site.
Response.Redirect() is good for when you want to redirect someone to another site.
Also, Fortify doesn't tend to like Request.Params[] due to its possible ambiguity. A careful attacker may be able, on some servers, to send a UTF-7 or non-printing version of a name as one of the request variables and let the name of the variable contain the actual XSS injection, or overwrite the GET-request value with a cookie of the same name. Make sure both the name and value are htmlencoded, and consider using Request.QueryString[parametername] instead of Request.Params[parametername] to avoid more issues with Fortify.
Hopefully this gets you past your Fortify issues!
It appears that Fortify perceives Name as user-defined, and that will trigger the "Manipulation" error. If that's true, try to use a predefined list if possible.
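The "predefined list" advice from the answers, as an added example that is not the asker's or Fortify's code: the redirect target is a fixed same-site path, parameter names come only from a fixed list, and values are read from the query string alone and percent-encoded when serialised. It is written in JavaScript rather than C#; `ALLOWED_NAMES`, its two entries and `buildRedirect` are assumptions, and in ASP.NET the values would be read through `Request.QueryString`.

```javascript
// Added example: build the redirect from a fixed path and a fixed list of names.
const ALLOWED_NAMES = ["id", "tab"]; // assumed parameter names
const TARGET_PATH = "/Test.aspx";    // fixed, same-site target from the question

function buildRedirect(rawQuery) {
  const incoming = new URLSearchParams(rawQuery); // query string only, no cookies or form
  const out = new URLSearchParams();
  // Iterate the fixed list, never the request's own keys, so an
  // attacker-chosen parameter name cannot reach the Location header.
  for (const name of ALLOWED_NAMES) {
    const value = incoming.get(name); // first occurrence only; duplicates are dropped
    if (value !== null) out.append(name, value);
  }
  // toString() percent-encodes CR, LF and every other reserved byte in the values.
  const qs = out.toString();
  return qs ? TARGET_PATH + "?" + qs : TARGET_PATH;
}

// Constructed sample inputs.
console.log(buildRedirect("?id=7&tab=a%0d%0ab&x%0d%0aSet-Cookie:%20a=b"));
console.log(buildRedirect("next=http://other.example/"));
```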
