0

Say i did something like https://SomeSite.com/variableThing=**MyValue** instead of https://SomeSite.com/variableThing=**DefaultValue**

Can I be held accountable for any errors that the variable generates on the server end.

The servers are probably owned by my local organization, and I have not agreed to any statements the software my organization is using.

Improve this question
3
  • Which country's legal governance are you under
    – belkarx
    Commented Apr 10, 2022 at 3:17
  • United States of America, or U.S
    – Dave
    Commented Apr 10, 2022 at 3:18
  • Do the site's terms of service say anything on the matter?
    – phoog
    Commented Apr 10, 2022 at 20:23

1 Answer 1

Reset to default
3

Awareness of consequences

If you knew (or had reasons to suspect) that the server end implemented something like (whether intentionally, or by way of a bug/omission):

if variableThing == **MyValue** {
    causeALotOfTrouble()
}

— then yes, you pretty much can be held accountable.

Otherwise highly unlikely. By default, it is reasonable to expect that servers handle/filter/sanitise user input properly no matter where the request comes from, so modifying a URL is merely seeking certain data from the server — which it is free to supply or deny.

For example, if MyValue is an SQL injection attempt, then yes. If it is trying to filter out the results by a certain criteria, then no.

Improve this answer
4
  • 1
    Would it matter whether the request is an HTTP GET request (of which the standard explicitly says that the client can not be made responsible for any side-effects) or an HTTP POST?
    – Jörg W Mittag
    Commented Apr 10, 2022 at 18:49
  • 2
    @JörgWMittag the HTTP spec will not serve as a defense in court. If someone makes a particular HTTP request knowing -- or even suspecting -- that the request will have certain consequences, then the court will hold that person liable for those consequences.
    – phoog
    Commented Apr 10, 2022 at 20:34
  • Thank you for your answer, I hope I didn't break anything. May have a long day ahead of me once i return to my organization tomorrow.
    – Dave
    Commented Apr 11, 2022 at 5:02
  • If there is a bug in my server software that makes it crash on certain url requests, and you know or suspect it, send one of these requests and my server crashes, you are guilty.
    – gnasher729
    Commented Apr 12, 2022 at 20:54

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .