|
|
|
|
|
|
by rbinv
317 days ago
|
|
|
Yup, ASP's "__VIEWSTATE" hidden form parameter comes to mind. It was base64-encoded and POSTed because it could get loooong (hundreds of KB). Terrible for browser navigation/refresh though, because pretty much everything was a form POST. Thus no URL state sharing, either. |
|
|
https://darkatlas.io/blog/critical-sharepoint-vulnerability-...