URL requests, and the parameters embedded in them, can carry malicious scripts. An attack embedded in a URL request or its parameters runs with the permissions of the component that processes the request. The following is a partial list of attacks that can be carried out through unchecked URL requests or their parameters: injection of operating system or database commands into the parameters of a URL request, cross-site scripting, remote file inclusion, and buffer overflows.
Here is an example of a malicious script embedded in a URL request (the script fragment is URL-encoded in the path):
http://www.example.com/sharepoint/default.aspx/%22 );}if(true){alert(%22qwertytis
You can defend against these attacks by:
- restricting the allowed methods in headers and content for invoked URL requests
- restricting the number of request parameters and their lengths
- limiting file uploads
- specifying attack types to explicitly detect and block.
URL Protection uses a combination of these techniques to protect against the URL attack types listed above, and so defends the Service from URL request attacks.
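As an added example that is not part of the original documentation or the product's code, the four checks listed above written as a small request filter in Python. The policy limits and the signature list are constructed for illustration only; the sample URL inspected is the one quoted above.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Constructed policy for this example; a real product exposes these as settings.
POLICY = {
    "allowed_methods": {"GET", "POST"},
    "max_params": 10,
    "max_param_len": 256,
    "max_upload_bytes": 1_000_000,
}

# Hypothetical signatures for the attack classes named in the text.
SIGNATURES = [
    ("cross-site scripting", re.compile(r"<script|alert\s*\(|javascript:", re.I)),
    ("os command injection", re.compile(r"[;|&`]\s*(cat|ls|wget|curl|sh)\b", re.I)),
    ("remote file inclusion", re.compile(r"\b(https?|ftp)://", re.I)),
]


def inspect_request(method, url, body_len=0):
    """Return the list of policy violations for one request; empty means allow."""
    violations = []
    # 1. Restrict the allowed methods.
    if method.upper() not in POLICY["allowed_methods"]:
        violations.append(f"method {method} not allowed")
    # 2. Limit file uploads by request body size.
    if body_len > POLICY["max_upload_bytes"]:
        violations.append("upload too large")
    parts = urlsplit(url)
    # The quoted example carries its payload in the path, so decode and inspect it too.
    path = unquote(parts.path)
    params = parse_qsl(parts.query, keep_blank_values=True)
    # 3. Restrict the number of parameters and their lengths.
    if len(params) > POLICY["max_params"]:
        violations.append(f"{len(params)} parameters exceeds {POLICY['max_params']}")
    for name, value in params:
        if len(value) > POLICY["max_param_len"]:
            violations.append(f"parameter {name} exceeds length limit")
    # 4. Detect and block explicitly listed attack types in the path and parameter values.
    for text in [path] + [value for _, value in params]:
        for label, pattern in SIGNATURES:
            if pattern.search(text):
                violations.append(f"{label} pattern in {text!r}")
    return violations
```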