Attacking The SEO Friendly URL.

Publicated on : 1182389893
The more things change, the more they stay the same. There was a time I cared about SEO, but that is long ago. It is a strange field because SEO implies that a website isn't correctly build from the start, and needs optimizing. Which you could take as an insult. Hence the name: SEO. Which actually is cheating your pants off, because any website with a theme and good content can reach a decent page rank with a little patience. Just like a flower: it only needs some time and love, not a racket full of search engine marketeers. ^^

Anyway, let's get back on topic. You've seem them those search engine friendly urls: www.site.com/page/01/2007/. Ever tried to inject them with some Javascript? if not, why not? don't be afraid, because even those programmers make mistakes when they use Apache mod_rewrite to rewrite the URL.
It basically is the same deal here: unsanitized user input.

I made an example to illustrate this: