GIAC
GCIH · Question #147
GCIH Question #147: Real Exam Question with Answer & Explanation
The correct answer is A: You have entered any special character in email.
Question
You have forgotten your password for an online shop. The web application of that online shop asks you to enter your email so that they can send you a new password. You enter your email [email protected] and press the submit button. The web application displays a server error. What can be the reason for the error?
Options
- A. You have entered any special character in email.
- B. Email entered is not valid.
- C. The remote server is down.
- D. Your internet connection is slow.
Explanation
Certain special characters in form input fields can break server-side string processing or SQL queries, causing an unhandled server error.
Common mistakes.
- B. An invalid email format would typically be caught by client-side or server-side validation and return a user-friendly validation message, not a server error.
- C. If the remote server were down, the browser would display a connection timeout or 502/503 HTTP error before the web application could even display a server error message.
- D. A slow internet connection would cause delayed responses or timeouts, not a server-side application error returned by the web application itself.
Concept tested. Input validation failure causing server errors via special characters
Reference. https://owasp.org/www-community/attacks/SQL_Injection