This attack targets the encoding of the URL. An attacker can take
						advantage of the multiple way of encoding an URL and abuse the
						interpretation of the URL. An URL may contain special character that need
						special syntax handling in order to be interpreted. Special characters are
						represented using a percentage character followed by two digits representing
						the octet code of the original character (%HEX-CODE). For instance US-ASCII
						space character would be represented with %20. This is often referred as
						escaped ending or percent-encoding. Since the server decodes the URL from
						the requests, it may restrict the access to some URL paths by validating and
						filtering out the URL requests it received. An attacker will try to craft an
						URL with a sequence of special characters which once interpreted by the
						server will be equivalent to a forbidden URL. It can be difficult to protect
						against this attack since the URL can contain other format of encoding such
						as UTF-8 encoding, Unicode-encoding, etc. The attacker could also subvert
						the meaning of the URL string request by encoding the data being sent to the
						server through a GET request. For instance an attacker may subvert the
						meaning of parameters used in a SQL request and sent through the URL string
						(See Example section).