Hi,
I want to use a display filter for all the HTTP GET Requests which are of the form as shown below:
index.php?something=
As far as I know, the _expression_, "http contains" does not support perl compatible regular expressions.
I am using this display filter at the moment:
http.request.method == "GET" && http contains "php?"
however, it also displays some GET requests to paths as shown below:
/images/nature/forest.jpg
Even though the GET Request to the above path does not contain the string, php?
My guess is that it displays those frames as well because they belong to the same tcp stream as the one which involves the GET request to php files?
http matches does support PCRE but then, I cannot use it with the above form.
It would be
great to make
this display filter more exact.
Thanks.