pmak at aaanime
Mar 30, 2005, 11:58 AM
Post #1 of 1
(1573 views)
Permalink
|
|
"Sanitizing" URL query strings
|
|
Consider the following example URLs:
http://www.webhostingtalk.com/showthread.php?threadid=389233
http://www.webhostingtalk.com/showthread.php?s=&threadid=389233
http://www.webhostingtalk.com/showthread.php?s=&threadid=389233&perpage=15&pagenumber=1
They all link to the exact same webpage! But anything that relies on a
string comparison to tell two URLs apart will consider them to be
different things. Web browsers won't track visited/unvisited links
correctly. Search spiders may get confused by the duplicate URLs.
I wonder if it's worth it for a web application to sanitize all internal
<a href> links that it generates, such that if two URLs are passing
functionally identical parameters, they will be equal after
sanitization.
But the cost to the developer would be that he would have to declare
all the parameters each script can accept, as well as default values
for unspecified parameters. e.g. the pseudocode parameter definition
required for sanitizing links to showthread.php in the above example
would be something like:
s =
perpage = 15
pagenumber = 1
Thoughts?
---------------------------------------------------------------------
To unsubscribe, e-mail: asp-unsubscribe [at] perl
For additional commands, e-mail: asp-help [at] perl
|
