Link Query Strings

Anthing after and including a question mark ? in a link is called a query string.

When sharing a link, it is generally a good idea to remove the query string first. Everything after the question mark is called a query string. Query strings can sometimes contain an ID that would then correlate you with anyone else who clicks that link.

The reverse is also a threat, you should clean the query string on any links that you receive before opening them. We'll cover more devious query string attacks later, but you're more likely to run into query strings with advertising ids.

Some query strings may include legitimate data such as the time to start a Youtube video. t=1 means to start the youtube video at the one second mark instead of at the beginning, such as: https://youtu.be/dQw4w9WgXcQ?t=1

PreviousSafe Web Browsing Practices NextAdvertising/Cookie Tracking

Last updated 2 years ago