Status code for HTTP
In the first line of the response message, the most important is the status code of the HTTP, the HTTP status code consists of three digits, and the first digit defines the category of the response:
1xx. Information hint, indicating that the request has been successfully received, continue processing, scope 100~101
2xx. Success, the server successfully processed the request, scope 200~206
3xx. Redirect, the accessed resource has been moved and tells the client the new resource address location, the browser will re-initiate the request to the new resource, scope 300~305
4xx. Client Error status code, the server sent by the client can not process, such as malformed requests, or the request does not exist URL, scope 400~415
5xx. The client sends a valid request, but the Web server itself has an error, either the server is running in error or the website is hung, describing the server internal error, scope 500~505
Common Status Codes:
200: Client Request succeeded
302: Redirect
404: Request resource does not exist
400: Client request has syntax error
401: Request Unauthorized
403: Server receives request, refuses to provide service
500: Server Internal Error
503: The server is currently unable to process client requests and may return to normal after some time
HTTP messages are also called HTTP headers made up of four parts
Request header, response head, normal head, solid head
Common Request Headers
The 1.Host request header domain is primarily used to specify the Internet host and port number of the requested resource
The 2.user-agent request header domain allows the client to tell the server about its operating system, browser, and other properties
3.Referer contains a URL that represents the previous URL of the current access URL
4.Cookie is a piece of text that is commonly used to represent the requestor's identity
5.Range: Part of the request entity, multi-threaded download will definitely use this request header
6.x-forward-for is the XXF header, which represents the IP on the requester side, can have multiple, separated by commas
The 7.Accept request header field is used to specify which MIME-type information the client accepts, such as accept:text/html indicates that the client wants to accept HTML text
Response header
The Web server name used by the 1.Server server can be viewed by looking at this header to probe the Web server name and recommend that the server side modify this header information
2.set-cookie sets a cookie to the client that can clearly see the cookie information sent to the client by the server
3.last-modified tells the browser resource last modified time
4.Location: Tell the browser which page to visit, with 302 yards to use
5.Refresh tells the browser to refresh the browser regularly
Normal head
A few header fields are used for all request and response information, not for the transferred entity, only for the transmitted information, to understand
Solid Head
Both request and response messages can be routed to a single entity header. The entity header defines meta information about the entity body and the resource identified by the request, which is the attribute of the entity content, including the entity information type, length, compression method, last modified time
1.content-type the media type used to prompt the receiver for the entity
2.content-encoding is used as a modifier for the media type, and its value hints at the encoding of additional content that has been applied to the entity body, and the decoding mechanism of the response is required to obtain the media type
3.content-length the length of the body of the named entity, expressed in decimal digits
4.last-modified used to indicate the date and time the resource was last modified
Impersonate an HTTP request: Impersonate an HTTP request with Telnet
HTTP and HTTPS protocol differences: HTTPS is more secure
Intercept HTTP requests: Burp Suite Proxy and fiddler
HTTP application: Search engine Hijacking: Links
Continue the HTTP request process
