URL argument encoding


Because of the difficulties in passing arguments in URLs (which the HTTP standard constrains to specific characters, many of which carry overloaded meanings), it makes more sense to encode all values as a URL payload and pass this payload as part of the URL. This is what users normally see as part of the Sigma URL: a long string of hexadecimal numbers rather than any path components.

Encoding and encrypting URL arguments

Encoding the URL payload provides extra security by obscuring the actual path name components of the system. It also provides the ability to pass any character regardless of its (possibly special) meaning. For example, Chinese characters can be passed as part of the URL without need for special language support. Binary data (including compressed data) can also be passed using this method.

The Sigma framework encodes the URL payload as a matter of course. Sigma provides various tools to encrypt URL arguments, including the system/sigcmd.exe framework component, discussed in later sections. The user can easily encode any single line of data. The encoding uses a proprietary block-rotating, time-sensitive, non-repeating cipher, which is highly secure.

The programming techniques to make use of this encoding are straightforward. The program developer either passes a URL argument to a function call or executes the system/sigcmd.exe command line utility to encode and encrypt the URL data before it is written to standard output.

Decoding and decrypting arguments

No facility is provided, or is required, to decode URL arguments. This is because the "Web.exe" program decodes the encoded strings to navigate through the directory structure, and all information is presented to programs in already decoded and deciphered form.

This simplifies the URL encryption, and increases security, by eliminating the need (and possibility) of deciphering the encrypted URL data by application programmers. Decoding and decryption are provided as a built-in service of the Web.exe program.
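
The pattern described above, as an added example that is not BMC or Sigma code: arguments (UTF-8 text and binary data alike) are packed into one payload, hex-encoded for the URL, and decoded in a single server-side routine. Sigma's proprietary cipher is not documented on this page, so HMAC-SHA256 over an issue timestamp stands in for it; that makes the payload tamper-evident and time-limited but does not encrypt it. The key, the 300-second lifetime and all function names are assumptions.

```python
import hashlib
import hmac
import struct
import time

KEY = b"constructed-demo-key"   # constructed sample key (assumption)
MAX_AGE = 300                   # payload lifetime in seconds (assumption)
TAG_LEN = hashlib.sha256().digest_size

def encode_payload(args, key=KEY, now=None):
    """Pack {name: bytes} args with an issue time, add an HMAC tag, hex-encode."""
    issued = int(time.time()) if now is None else now
    body = struct.pack(">Q", issued)
    for name, value in args.items():
        name_b = name.encode("utf-8")
        body += struct.pack(">HI", len(name_b), len(value)) + name_b + value
    tag = hmac.new(key, body, hashlib.sha256).digest()
    return (body + tag).hex()   # only [0-9a-f], safe in any URL position

def decode_payload(token, key=KEY, now=None):
    """Single server-side decoder: verify tag and age, then unpack arguments."""
    raw = bytes.fromhex(token)  # raises ValueError on non-hex input
    if len(raw) < 8 + TAG_LEN:
        raise ValueError("payload too short")
    body, tag = raw[:-TAG_LEN], raw[-TAG_LEN:]
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):   # constant-time comparison
        raise ValueError("bad tag")
    (issued,) = struct.unpack_from(">Q", body)
    now = int(time.time()) if now is None else now
    if not 0 <= now - issued <= MAX_AGE:
        raise ValueError("expired")
    args, pos = {}, 8
    while pos < len(body):
        name_len, value_len = struct.unpack_from(">HI", body, pos)
        pos += 6
        name = body[pos:pos + name_len].decode("utf-8")
        pos += name_len
        args[name] = body[pos:pos + value_len]
        pos += value_len
    return args

if __name__ == "__main__":
    # Constructed sample arguments: Chinese text and raw binary data
    sample = {"dir": "报告/月度".encode("utf-8"), "blob": bytes(range(256))}
    token = encode_payload(sample)
    print(token[:64] + "...")
    print(decode_payload(token) == sample)
```

Application code only ever receives the dictionary returned by the decoder, which mirrors the page's point that programs see arguments in already decoded form.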


 


BMC Defender SIEM Correlation Server 6.2