What is “URL Rewriting”?
Most dynamic sites include variables in their URLs that tell the site what information to show the user. Typically, this gives URLs like the following, telling the relevant script on a site to load product number 7.
The problems with this kind of URL structure are that the URL is not at all memorable. It’s difficult to read out over the phone (you’d be surprised how many people pass URLs this way). Search engines and users alike get no useful information about the content of a page from that URL. You can’t tell from that URL that that page allows you to buy a Norwegian Blue Parrot (lovely plumage). It’s a fairly standard URL – the sort you’d get by default from most CMSes. Compare that to this URL:
One of the way in which hackers attempt to gain access to restricted areas of a website is via URL manipulation. For example, a simple PHP script to show a record with the ID of 7 from a database might use a URL ending
showrecord.php?id=7. It would be easy for a hacker to change this to
To defend against this problem, you should take steps in several areas:
- Check the owner of every record before displaying it. This means adding a userid (UID) to every record and comparing it to the current user’s ID.
- Use POST rather than GET to send the form data (i.e.
<form action="action.php" method="post">). This prevents URL manipulation, as the data is sent in the HTTP headers and not in the URL.