Network BASICS (I) http messages

Source: Internet
Author: User
Tags http authentication

Http is the hypertext transfer protocol, which is the communication protocol of Web programs. Generally, the browser sends an http request, and the server sends an http request. There are two common methods for http requests: get and post. The get method is used to obtain resources. It can send parameters to the locked resources in the form of strings. Generally, the get method is not used to transmit sensitive data. The post method is used to perform operations. It can also send parameters in the form of strings, but the url tag does not contain any parameters sent by the message body.
 
Http message headers can be used in requests and responses. The following lists the message headers that may be encountered during penetration testing:
 
1 Connection the message header tells the other end of the communication whether the tcp Connection is closed or maintained after the http message transmission is completed.
 
2 Content-Encoding: the message header is used to specify the Encoding format of the message body Content, generally gzip.
 
3 Content-Length this message is used to specify the Length of the message body.
 
4. the Content-Type User specifies the Content Type of the message body. For example, the html document type is text/html.
 
5 Transfer-Encoding specifies the Encoding used for the message topic to facilitate http transmission.
 
6. Accept tells the server that the client needs to request the data, slice, and audio.
 
7. Accept-Encoding tells the Server Client to Accept the content Encoding.
 
8 Authorization is used to send a certificate to the server for a built-in http authentication.
 
9. The Cookie is used to submit to the server the cookie previously set for the browser.
 
10 Host is used to specify the Host name that appears in the requested complete URL.
 
11 Origin is used in cross-Origin Ajax requests, and the user instructs the requested domain.
 
12 Referer indicates the original URL of the current request.
 
13 The User-Agent User provides information about the User's browser or local client.
 
14 Access-Control-Allow-Origin indicates whether resources can be obtained through cross-Origin Ajax requests.
 
15 Expires indicates the validity period of the message body. During the validity period, the browser determines that the message body is the latest.
 
16 Location is used to specify the redirection target in the redirect response.
 
17. Server indicates the Server information.
 
18 Set-Cookie
 
This article by youthflies posted on the easy to trace online http://www.yeetrack.com /? P = 158

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.