Very helpful, thanks. Had the update this morning and there it was. It’s off now.
Very helpful, thanks. Had the update this morning and there it was. It’s off now.
Edit: speaking from US banking, I think it’s probably different in other countries with updated banking practices.
Recruitment scams tend to involve the hirer sending you a large check to cover office setup purchases from the hirer’s “trusted vendor” and you keep the excess as your first paycheck. Unfortunately, the check is fake and the vendor is just the hirer behind a fake website. But the check “clears” in a couple of days, so you think you have the money, and you spend that money in the fake website, then your bank lets you know the check was fake and takes all the money back.
I’m sure there are other scenarios but they all involve a fake payment that eventually gets taken back. Glad you weren’t taken in.
The problem with this is that reading the generated HTML behind a page that has been served to your browser does not prove that data was stored in an HTML source file. The data is inserted into the page while it’s being served to the browser. That’s what the JavaScript does after it requests the data from the backend code, which gets the data from the database (or whatever storage is being used) and sends it back to the JavaScript, which puts it in the page.
Saving data in source HTML files would mean every possible combination of data anyone might request must be saved in its own separate file, which is definitely not how web development is done. Laws should not be made by people who don’t know what they’re talking about.
Yup. I’m copying some Audible links now and the ampersand isn’t encrypted and the query string starts after the ? instead of the last slash, so there are different ways of doing it. We couldn’t guess at that, though! :)
Everything after the final slash is data. This data is stored in key/value pairs, where the key is a variable name that is expected in the server’s code and the characters following the “=“ is the encrypted value. Each pair is separated by an encrypted “&”, or “&”. Many times this string of values begins with a “?”.
https://example.com/path/to/item/?id=568953&name=shjbxsdhjhcdf&xyz=djkkgcdtjn
So we can maybe guess what the values might be but only if we know what the keys mean, and then we’d have to give exactly the right data for each key (id, name, xyz). For all we know the most important piece of data in that string is xyz
and it may be required, but we don’t know that so we strip the whole query string off and now have a useless URL.
Mostly, stripping off the query string should be fine if the path to the item you’re looking for is enough. Like the amazon example in the other comment. Other times, not so much.
Sorry for the novel, I can explain more if you’d like.
This is a great one: https://youtu.be/hLHi3wiSuWc?si=jIksepNQ6Wh-OZHe
Add It Up by the Violent Femmes