Hi folks,
Just wondering about something.
I'm cooking up a user-registration page where the users can enter their e-mail address, etc.
The servlet is set up to validate all the user details for username length, invalid characters and so on.
If the user has any invalid details, the servlet sends them back to the user-registration page (a JSP) and adds arguments like &username=Bob to fill out the form so the user doesn't have to fill the whole form again.
Currently, if the username etc. contain invalid characters e.g. ampersands, my servlet will not bother to send the username in the argument list, so as to avoid breaking it.
The problem is that according to the relevant RFC, some valid e-mail addresses may contain characters like the ampersand which will break my argument list. So I can't neglect to send the e-mail address.
I guess it's fine if the argument list is broken as long as it's only a minor user-experience issue which affects a very small number of users, but the main question is: is it technically possible to use a bad or broken argument list (e.g. by inputting a carefully-formatted "e-mail address") to cause an exploit? If so, what would render the page vulnerable/invulnerable to such an exploit?
Thanks in advance for any replies.
- NN
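
An added example, not part of the original post: the redirect argument list described above, built with every value percent-encoded so an ampersand in an e-mail address stays inside its own parameter, and HTML-escaped before it is written back into the form. The class, method and page names (RegistrationRedirect, buildQuery, parseQuery, escapeHtml, register.jsp) are assumptions, parseQuery stands in for the servlet container's own parameter parsing, and Java 10 or later is assumed.

```java
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.LinkedHashMap;
import java.util.Map;
public class RegistrationRedirect {
    // Build "?k=v&k=v" with every name and value percent-encoded ('&' becomes %26).
    static String buildQuery(Map<String, String> fields) {
        StringBuilder sb = new StringBuilder("?");
        for (Map.Entry<String, String> e : fields.entrySet()) {
            if (sb.length() > 1) sb.append('&');
            sb.append(URLEncoder.encode(e.getKey(), StandardCharsets.UTF_8))
              .append('=')
              .append(URLEncoder.encode(e.getValue(), StandardCharsets.UTF_8));
        }
        return sb.toString();
    }

    // Stand-in for the parsing the container performs before request.getParameter().
    static Map<String, String> parseQuery(String query) {
        Map<String, String> out = new LinkedHashMap<>();
        for (String pair : query.substring(1).split("&")) {
            String[] kv = pair.split("=", 2);
            out.put(URLDecoder.decode(kv[0], StandardCharsets.UTF_8),
                    kv.length > 1 ? URLDecoder.decode(kv[1], StandardCharsets.UTF_8) : "");
        }
        return out;
    }

    // Escape a value before the JSP writes it into an HTML attribute.
    static String escapeHtml(String s) {
        return s.replace("&", "&amp;").replace("<", "&lt;").replace(">", "&gt;")
                .replace("\"", "&quot;").replace("'", "&#39;");
    }
    public static void main(String[] args) {
        // Constructed sample input: an ampersand address, and one carrying an extra parameter and markup.
        String[] samples = { "tom&jerry@example.com", "x@example.com&username=other\"><b>" };
        for (String email : samples) {
            Map<String, String> fields = new LinkedHashMap<>();
            fields.put("username", "Bob");
            fields.put("email", email);
            String query = buildQuery(fields);
            Map<String, String> parsed = parseQuery(query);
            System.out.println("redirect : register.jsp" + query); // register.jsp is a hypothetical page name
            System.out.println("username : " + parsed.get("username")); // still "Bob" for both samples
            System.out.println("field    : <input name=\"email\" value=\"" + escapeHtml(parsed.get("email")) + "\">");
        }
    }
}
```

The servlet's existing validation still applies; encoding only ensures the value that reaches the JSP is the value that was typed, and escaping keeps it from being read as markup.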