SessionId Test Site

The form contains two hidden fields that store the sessionid and another sessioninformation

Method : post
Name : form1

<form action="data2html.asp" name="form1" enctype="application/x-www-form-urlencoded" method="post">
   <input type="hidden" name="sessionid" value="<%=sessionId%>">
   <input type="hidden" name="visited" value="<%=intVisit%>">

   SessionId: <input name="info" value="<%=sessionId %>" >
   Times Visited: <input name="visi" value="<%=intVisit %>" >
   <input type="submit" value="Post">
</form>

SessionId:
Times Visited:

Build 617

  1. Hidden fields found

Session information in the query string, http method 'post'

Method: post
Name : form2
The action string looks as follows:
action="data2html?mySession=currentSessionid"

 

<form name="form2" action="data2html.asp?mySession=<%=sessionId%>"   enctype="application/x-www-form-urlencoded" method="post">
   <input name="suppi" value="TextField">
   <input type="submit" value="Send">
</form>



Session information in the query string, http method 'get'

Method: get
Name : form3
The action string looks as follows:
action="data2html?mySession="currentSessionId"

 

<form action="data2html.asp?mySession=<%=sessionId %>" name="form3"   enctype="application/x-www-form-urlencoded" method="get">
  <input name="subber" value="Textfield"
  <input type="submit" value="Send">
</form>



Result:

  1. The query string in the action string has to be ignored

 

Build 651 all ok