Background: Web/Html forms are a process which allows users/viewers to Enter information on a web page which will then be sent to the web server for processing. The most common method for processing is called CGI ( Common Gateway Interface ) and this stipulates how the data will be passed to an external ( from the web server) program and how that program will generate web page to be displayed back to the user. The HTML form can specify one of two methods for data to be sent from the webserver, the first is GET which specifies that all information is included in the requested URL. The second is POST which specifies that additional information will be sent after the URL request. While there are advantages of both the biggest advantage of GET is that since everything is in the URL the input (and resulting display) can be bookmarked or saved in a link so that the data doesn't need to be re-entered each time. The biggest advantage of POST is that there isn't a limit on the size of the data which can be passed, so may claim that it also allows data to be passed secretly but that is a fallacy. What is not necessarily widely known is that since most writers of CGI scripts use libraries to decode the form data and most library writers check for a decode both GET and POST automatically and treat both types the same, you can turn most POST forms into GET requests/links which allow for documented exploration. HTML forms and GET (and POST) encoding is well documented on the web, and the source code can be easily viewed in most browsers with view source options.
GET arguments are the simplest means of querying a dynamic web page for specific information. They consist of a simple modification to the base URL, beginning with a "?" sign after the filename. Not all websites provide GET argument interfaces as part of their information portal, but many do.
For example, the Google web interface can be queried directly by URL. If you wish to search Google for "Wikipedia", you can simply type the following directly into your address bar: http://www.google.com/search?q=Wikipedia
Everything after the "?" is the GET argument, which tells the Google server what you are interested in. If you are unfamiliar with this, try experimenting by changing the text after the "q=" in the above URL.
Knowing GET arguments can be useful for everyday browsing, but are also a lot of fun for hackers (mostly the harmless type) to play with in writing computer scripts. Most web pages that allow GET queries do not, however, provide any documentation of the available parameters. In the Google URL above, it is easy to determine that the "q=" string indicates your "query" and whatever follows it is what Google looks up. The arguments are not always easy to decipher, however.
The idea of the GET Wikibook is to allow hacker types who have bothered to decipher cryptic GET strings to share their discoveries.
- GET/Site list
- GET/IP list