[Owasp-sydney] XSS/Phising with PDF
halans at gmail.com
Wed Jan 3 19:15:55 EST 2007
Yes, you're right, it's an anchor, not a request parameter at all.
On 1/4/07, kuza55 at gmail.com <kuza55 at gmail.com> wrote:
> Actually, I don't think the server can, because browsers don't send
> the fragment after the # symbol, break out Ethereal or something and
> have a look; when you go to any URL, the segment after the # isn't
> sent; I presume that is because its not relevant to what page the
> server sends, it is only relevant to the browser.
> - Alex "kuza55"
More information about the Owasp-sydney