Subscribe by Email

Wednesday, May 30, 2012

Explain the concepts of URL manipulation?

Today in this internet savvy world, I guess almost everybody is familiar with what is an URL or uniform resource locator. 
If you see an URL, you can make out that it is nothing but a string of characters. These characters add up to mark up a reference string which points to a source from internet. A uniform resource locator was previously known as uniform resource identifier.
The URLs came in to existence in the year of 1994 along with the introduction of the World Wide Web by Sir Tim Berners – Lee along with the contributions from the internet engineering task force. 
The format of a typical URL consists of the domain names along with the file paths and the forward slashes are used to distinguish between the different file names and folders. Name of the servers are preceded by a double slash. 

Components of URL

Let us now list the components of a typical URL in the order in which they are lined up in the URL:
  1. The scheme name which is usually a protocol.
  2. The scheme is followed by a colon
  3. Two slashes
  4. Name of the domain (if any depending on the scheme).
  5. A port number
  6. CGI (common gateway scripts) scripts
  7. Query string
  8. Fragment identifier (optional)

Categories of URL

- The URLs are categorized under two categories namely relative URLs and absolute URLs. 
- The relative URLs are used whenever the references contained in the resources refer to another resource. 
- These relative URLs are often conceived from the absolute URLs. 
- The URLs locate a resource based on their primary access mechanism. 
- There are various issues related to URLs like URL normalization, URL manipulation etc. 

What is meant by URL Manipulation?

- URL manipulation is just another name for URL rewriting.
- As the term itself suggests it is all about altering the parameters of the URL.
- The URL manipulation is used for good purposes also and for bad ones also. 
- It is a technique that is usually employed by the web server administrator for convenience and is often used by the hackers for nefarious purposes. 
- The original URLs of the resources are quite complicated and complex. 
- Therefore, a purpose of this technique is also to make it easy for the user to access a web resource by providing a simple URL. 
- URL manipulation technique is used so that the user does not require cutting, copying or pasting long and arcane string of characters. 
- This technique is also employed since remembering complex URLs is a difficult task and they are quite lengthy which makes it quite a tedious task for the users to remember or store it and use. 
- Therefore, using the technique of URL manipulation they are modified in to simple and short URLs which are comparatively easy for the users to remember. 

Wrong Use of URL Manipulation
- A nefarious use of URL manipulation is to use the URL of a legitimate site or web resource without the prior permission or knowledge of the site owner or administrator to redirect the users to an illegitimate web site or web resource. 
- Such illegitimate sites then may install malicious code on the hard drive of the user’s system.
- This may also have an intended purpose of increase the traffic on the attacker’s illegitimate web site or application.
- There is a term similar to the term URL manipulation called URL poisoning. These two terms may sound similar in meaning, though they are not. 

What is URL Poisoning?

- URL poisoning is a technique that is employed to track the activities of the user on the web. 
- This technique involves the addition of an identification number to the current URL of the web browser when that particular web site is visited by the user. 
- This URL with the ID number is then used for tracking the visits of that user on the sites.

No comments:

Facebook activity