Web application security - the fast guide 1.1 | Page 148

Chapter 7 - Attack execution (3) P a g e | 148 7.8 Attack XML XML format considered as a very important text format due to the special structure it provides which makes it very good medium to transfer structured data hence it was used as a holder for the data transmitted between client and server. A simple example about this type of usage is the following listing that illustrates the usage of XML format in an HTTP request to send data to a search page POST /search/searchPage.ashx HTTP/1.1 Host: victim.com Content-Type: text/xml; charset=UTF-8 Content-Length: 39 what to search When the server receives the request it will send the response also in XML format, response might be something like: HTTP/1.1 200 OK Content-Type: text/xml; charset=utf-8 Content-Length: 77 No results found for expression: what to search