Hiddens - Host Info
Fortify WebInspect analyzes all forms and then lists all controls of the type "hidden" (i.e., controls that are not rendered but whose values are submitted with a form). Developers often include parameters in hidden controls that can be edited and resubmitted by an attacker.
-
Select Hiddens from the Host Info panel to list all URLs that contain hidden controls.
-
Click a URL to view the name and value attributes of the "hidden" controls contained in that URL.
-
Double-click an entry to locate in the navigation pane the session that contains the hidden control. Focus switches to the Hiddens choice in the Session Info panel.
Use the Search feature at the top of the information pane to locate the text you specify. To conduct a search using regular expressions, select the Regex button before clicking Find.
You can copy the HTML text to your clipboard by highlighting the text and selecting Copy from the shortcut menu.
If you double-click a URL, Fortify WebInspect highlights in the navigation pane the session that contains the URL.
See Also