Definition

URL manipulation (URL rewriting)

Part of the Network security glossary:

URL manipulation, also called URL rewriting, is the process of altering (often automatically by means of a program written for that purpose) the parameters in a URL (Uniform Resource Locator).

URL manipulation can be employed as a convenience by a Web server administrator, or for nefarious purposes by a hacker. An example of the constructive use of this technique is allowing an Internet user to access a Web site that has a complicated URL by entering a simpler URL into the address bar of a Web browser. The URL manipulation redirects the request so the user does not have to remember, manually enter, or meticulously cut and paste a long, arcane character string. An example of malicious URL manipulation is its implementation, without the knowledge of the affected server administrator or Internet user, for the purpose of redirecting user requests from a legitimate site to an illegitimate site. The bogus site may then install rogue code on the user's hard drive.

URL manipulation differs from URL poisoning , also known as location poisoning. That is a method of tracking Web user behavior by automatically adding an identification (ID) number to the URL line of the Web browser when a user visits a particular site. This ID number can then be used to determine which pages on the site the user visits thereafter.

This was last updated in March 2011
Posted by: Margaret Rouse

Related Terms

Definitions

  • RSA Security

    - RSA Security is a United States-based organization that creates encryption, network and computer security products. Ron Rivest Adi Shamir, and Len Adleman founded RSA as an independent company in ... (WhatIs.com)

  • air gapping

    - Air gapping is a security measure that involves removing a computer or network from any externally connected network physically and also ensuring there is also no wireless connection. The NSA TEMP... (WhatIs.com)

  • soft token

    - A soft token is a software-based security token that generates a single-use login PIN. Traditionally, a security token has been a hardware device that produces a new, secure and individual PIN for... (WhatIs.com)

Glossaries

  • Network security

    - Terms related to network security, including definitions about intrusion prevention and words and phrases about VPNs and firewalls.

  • Internet applications

    - This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Ask a Question. Find an Answer.Powered by ITKnowledgeExchange.com

Ask An IT Question

Get answers from your peers on your most technical challenges

Ask Question

Tech TalkComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.