[wp-trac] [WordPress Trac] #26878: Question mark in the url doesn't return 404 and can be abused
WordPress Trac
noreply at wordpress.org
Mon Jan 20 10:18:58 UTC 2014
#26878: Question mark in the url doesn't return 404 and can be abused
--------------------------+----------------------
Reporter: Andrew8192 | Owner:
Type: defect (bug) | Status: closed
Priority: normal | Milestone:
Component: Query | Version:
Severity: normal | Resolution: invalid
Keywords: |
--------------------------+----------------------
Comment (by TobiasBg):
To add on, you might want to scan your site for malware. It's possible
that your site was hacked and that some malicious code is now listening
for those query strings and then delivers the undesired content.
As johnbillion said, `?` in a URL are perfectly fine, and coming back to
your example, surfing to
`http://twentytendemo.wordpress.com/page/4/?/example` will actually surf
to `http://twentytendemo.wordpress.com/page/4/` with `/example` (the part
after the `?`) sent as a parameter.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/26878#comment:2>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list