HTTP

See also: Protocols | HTTPS | HTML | HTTPd

Acronym: HyperText Transfer Protocol

It is the standard protocol for interfacing between web servers and clients (web browsers).

An HTTP session goes something like this:

Client says:

GET /path/to/file.txt HTTP/1.0

Host: foobar.com

Server says:

HTTP/1.0 200 OK

Content-Type: text/plain

Content-Length: 12

Hello, there!Connection closes.

The above example only shows a very small subset of what can be done over HTTP.

“GET” is the method. Other commonly used methods are “POST” (post some data to the resource), “PUT” (put some data on the server at the specified location), and “HEAD” (just get the header that would be sent if you had ‘GET’ted the resource). “/path/to/file.txt” is the path to the resource we are requesting, and HTTP/1.0 is the protocol we’re using.

The “Host: foobar.com” and “Content-*” lines are headers. They are sent by both the client and server before a pair of newlines (<CR><LF>s) followed by data (‘Content’). For ‘GET’ requests, the client does not send any data, and for ‘HEAD’ requests, the server does not send any.

Note that we now have HTTP/1.1, which is more powerful than HTTP/1.0, but also much more complicated, and therefore harder to implement. Using HTTP/1.1, you can use different ‘Transfer-Encoding’s, for instance, so that you can send data in chunks (so you don’t have to know how long the data you’re sending is ahead of time). HTTP/1.1 also allows for the connection to remain open so that you can send more than one request without starting a new TCP connection.

If you want to do some HTTPing yourself, you can open up a telnet session to your favorite website on port 80, and type in

GET / HTTP/1.0<enter>

Host: foobar.com<enter>

<enter>

and you should get a web page. You can also performsimilar requests with netcat. For example:

printf “GET /index.html HTTP/1.1rnHost: takedown.netrnrn” | nc takedown.net 80

If printf is not available on your system/OS of choice,

you can generally do something similar with echo, or a

related command.

TakeDown.NET -> “HTTP