PHP
NewTypes, 2013-11-14 19:12:26

Space filtering in URL parameter

I'm writing my first site, and I'm nailing steel armor onto every piece of code in advance, against the same "curious" people as me.

The thing is: http://site.com/?id=1

and this:

http://site.com/?id=1 _

In the first case we have an id without a space; in the second, on the contrary, with one. Before asking this question, I went through the sites and checked who does what in this case.

These react negatively to the space and turn you away:

- facebook
- habrahabr

These ignore it:

- Google and its projects
- Toster, Freelansim

For me, Google and Habr are authoritative in this regard (I think the administration of Habr has been taught by defacement), but oddly enough, the positions diverge.

To be or not to be?


5 answer(s)
FanatPHP, 2013-11-14
@NewTypes

This question has nothing to do with "curiosity". And to think that this is in any way related to SQL is a direct road to injection.

What it does relate to is data validation and, in part, usability and SEO.

A space is an irrelevant character; it can be trimmed automatically. So I'll talk about "partially valid" URLs in general. Considering that no one types URLs by hand now, and search engines may take a dim view of the same page existing under different URLs, I would not let it through; I would return a 404.

DrNemo, 2013-11-14
@DrNemo

$_GET = array_map('trim', $_GET); // trim() each value; array_filter() would only drop empty values, not trim them
and there are no spaces on either side of any GET variable

donflash, 2013-11-14
@donflash

I am against such spaces, they are not needed

Anton B, 2013-11-14
@bigton

What difference does it make whether there is a space or not?
Whether there is a space in the URL or not, $id will still be a number.

Boris Syomov, 2013-11-14
@kotomyava

It is more correct to throw an error if such an argument is invalid, or if there is no page with id="1", because then there will be no page duplication at different URLs. Also, if it concerns security issues and not SEO, then it is correct to check all input parameters by type and valid values, and to use prepared statements and parameter binding when working with the database.
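
The approach described in the answers above (strict validation by type and value, a 404 for any non-canonical id, and a bound parameter for the query), as an added example that is not code from any participant in this thread. The function names `parseId` and `showPage`, the `pages` table and the sample inputs are assumptions made for illustration; it assumes PHP 8 with the `pdo_sqlite` extension.

```php
<?php
declare(strict_types=1);

// Added example: names, table and sample inputs are constructed for illustration.

/** Returns the id as int only if the raw value is a canonical positive integer, else null. */
function parseId(mixed $raw): ?int
{
    // ?id[]=1 arrives as an array; a missing parameter arrives as null.
    if (!is_string($raw)) {
        return null;
    }
    // \A...\z anchors the whole string: "1 ", " 1", "01", "1abc" and "1\n" all fail.
    // At most 9 digits, so the value always fits in a 32-bit signed int.
    if (preg_match('/\A[1-9][0-9]{0,8}\z/', $raw) !== 1) {
        return null;
    }
    return (int) $raw;
}

/** Returns [HTTP status, body] for a page request. */
function showPage(PDO $db, mixed $rawId): array
{
    $id = parseId($rawId);
    if ($id === null) {
        return [404, 'Not Found'];   // non-canonical URL: no duplicate page
    }
    // Parameter binding: the value never becomes part of the SQL text.
    $stmt = $db->prepare('SELECT title FROM pages WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $title = $stmt->fetchColumn();
    return $title === false ? [404, 'Not Found'] : [200, $title];
}

// Constructed data: in-memory SQLite so the script runs offline.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE pages (id INTEGER PRIMARY KEY, title TEXT)');
$db->exec("INSERT INTO pages VALUES (1, 'Home')");

foreach (['1', '1 ', ' 1', '01', '1abc', ['1'], null, '2'] as $raw) {
    [$status, $body] = showPage($db, $raw);
    printf("%-8s => %d %s\n", json_encode($raw), $status, $body);
}
```

A regular expression is used here instead of `filter_var(..., FILTER_VALIDATE_INT)` because that filter strips surrounding whitespace before validating, so it would accept `"1 "`.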
