What do the chars %7D mean in an url query?
53,487
%7D
is the ASCII code for the } character, which is probably leaking through from a template...
Related videos on Youtube
Author by
Niklas Rosencrantz
I'm as simple as possible but not any simpler.
Updated on July 27, 2021Comments
-
Niklas Rosencrantz almost 3 years
If I access my webapp with the url
/vi/5907399890173952.html
then it works but when I look in the log files then googlebot is trying to access a similar url which generates an exception:
/vi/5907399890173952.html%7D%7D
what does it mean and how can it be handled as an exception? The message from python is:
/vi/5251302833520640.html%7D%7D 404 20ms 0kb Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) module=default version=release140319 66.249.67.109 - - [19/Mar/2014:07:53:32 -0700] "GET /vi/5251302833520640.html%7D%7D HTTP/1.1" 404 84 - "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" ms=21 cpu_ms=0 cpm_usd=0.000009 app_engine_release=1.9.1 instance=00c61b117c0bc0f980f2a37a6ac534786055d3ab E 2014-03-19 15:53:32.678 get() takes exactly 3 arguments (2 given)
The regex that I use for the url is
('/vi/(\d+)(\.html?)?', NewHandler)
Update 140319 21:54 CET
I think I've found the leakage from a jinja2 template:
{{scored_document.fields.0.value|safe}
I patched it with another
}
now. -
Raja Khoury about 7 yearsTwig was freaking me!
-
Wamadahama almost 7 yearsi was freaked by blade!
-
Alex Alexeev over 5 yearsI've just forgot to remove a
}
from a variable reference in js template literal -
Viacheslav Dobromyslov about 4 yearsTypeScript templates with IDE autocomplete spare my brains.
-
SagaRock101 about 3 yearswasted 1 hour checking on this