Why does curl/wget in the ebay search box give me an access denied error?
I assume that ebay.com installed a Web Application Firewall, which recognizes your request as a possible attack. Therefore, your request is cancelled and you receive a HTTP 403 - Access Denied
. The mod_security WAF for Apache, nginx and IIS behaves similar: If it is in prevention mode, it will also respond with HTTP 403
by default [1].
Most WAFs have some kind of a rule set. They check whether your request matches one of their rules, maybe with regular expressions. I assume further that one of those rules looks like (wget|curl) (http|https)://.*
[2]. The "sanitizing" of double forward slashes in your url happens most likely on the application level. Strings like asdf//
will also be shortened to asdf
.
[1] https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#secdefaultaction
[2] Skipped escaping of forward slashes for the sake of readability