-3

I'm a complete layman and despite my utmost attempts (involving visiting about 100 different pages), I wasn't able to solve my problem. I'd be really grateful if anyone would be willing to help me out.

Say there is an elaborate website using Javascript, where you register, have your own profile etc. It asks you to register for one of a few time slots. You do it by clicking a hyperlink, which has this annoying feature (discussed elsewhere on this website, see here: how can url be hidden in hyperlink when mouse hover ) that it hides the link. Is there a way to uncover it?

By uncover I mean a way in which I would be able to register for a given time slot without clicking the hyperlink, but rather via copying that hidden link (or typing it in) to the address bar of the browser. I have tried using Firebug and Tamper Data, but to no success. Both programmes provided me with viable candidates for links, but when I copied them to address bar and pressed enter, it didn't result in a registration for a given time slot.

Finally, Tamper Data tells me that 'Content-Type=application/x-www-form-urlencoded', whereas Firebug indicates that 'enctype="multipart/form-data" right above the table with hyperlinks, so I begin to think there is some sort of encryption in place which is meant to prevent me from getting what I want. And I'm sure owners of this website would want to prevent me, but are they able to do it?

So all in all, is it even doable? Apologies if this all sounds too broad, I'll be more than happy to make it (or at least try to make it) more clear.

Thanks a lot and apologies, but I really don't know what I'm doing here.

Community
  • 1
  • 1
Pink and Floyd
  • 125
  • 1
  • 3
  • 2
    Lol that really depends. It depends on the website that build the tool. If they only hid it in a browser then yes you could easily hack around it. But if they built a check within their servers then no you cannot do anything about that. – yangli-io May 26 '15 at 01:00

1 Answers1

0

As Yang Li said: it depends.

If a website is using a lot of javascript to perform on screen changes and network requests, the likelihood of you being able to just use a URL (even if it is the url used by a javascript script) to perform an action is low.

Most websites these days that rely on javascript would have data elements hidden to the user which may affect the way an action is relayed to the server. Think hidden form elements.

And on the server side, who is to say that the order you are trying to use that URL in is correct? You would have to run through the code piece by piece, along with observing the network requests to be certain.

So in answer to your question, it MAY be doable. The more important questions is: is it advisable? I would suggest not tampering too much with the way the website works on your browser, as it was intended to be used in a certian way. You can't be sure of all of the side effects of using it in an unintended fashion.

stay_frosty
  • 217
  • 1
  • 8