Edit: Let's take a look at this: http://www.bkjia.com/Article/200906/38773.html
Hi.baidu.com/xisigr
Http Parameter Pollution (HPP. HTTP parameter contamination attack.
Now I will list a small example of HPP:
The following link is displayed on the search page:
Http://www.qihoo.com/wenda.php? Kw = hack & do = search & src = wenda_search & area = 0% 26% 6B % 77% 3D %
67% 69% 72% 6C
2. Click the next page. The following search page appears.
Through the above example, we can find that we searched for the keyword "hack", but now it is changed to "girl. This example has no attack color. The HPP attack idea is not only about this method. We can also use HPP to bypass the firewall, IPS, or spoof users to execute malicious scripts. The following are detailed HPP documents and HPP --- Yahoo! Mail classic attack video. The usage method of HPP in this document has been described in great detail, so I will not comment on it.
Asp.org/images/ B /ba/AppsecEU09_CarettoniDiPaola_v0.8.pdf "> http://www.owasp.org/images/ B /ba/AppsecEU09_CarettoniDiPaola_v0.8.pdf
Http://www.milw0rm.com/video/watch.php? Id = 104