Why GET parameter appears on URL but not in php script

Question

I have URL like this:

https://domain.com/myscript.php?par=<div>x12.l3 sdfa <div>

But when I make

var_dump($_REQUEST);

at start of my PHP script the parameter isn't listed (key "par" doesn't appear).

The value of par, is some html data including not escaped tags and spaces. Can this be the reason that par doesn't appear in var_dump ?

But when I run exactly the same script with same parameter in localhost:

https://localhost/myscript.php?par=<div>x12.l3 sdfa <div>

it works well.

I compared with tool both urls starting at "myscript.php", they match. So why I don't get the parameter on the server but in localhost?

Is maybe related to PHP configuration? It's the only thing I can think about that could be different.

Thanks in advance.

Answer 1

Yes, it was different configuration of the server. In this specific case, allowed length of GET parameters (or URL, not sure).

Answer 2

If you are using this script on a shared hosting server, or a server that someone else configured, then it is likely that there are some security measures in place to protect against GET variables such as the one you posted.

Measures could include mod_security, applicative firewalls and others.

Answer 3

change https://domain.com/myscript.php?par=<div>x12.l3 sdfa <div> to https://domain.com/myscript.php?$par=<div>x12.l3 sdfa <div>

but $ before par. hope this works :)