HTTP Protocol

The Hypertext Transfer Protocol (HTTP) is an application protocol for distributed, collaborative, hypermedia information systems. Hypertext is structured text that uses logical links (hyperlinks) between nodes containing text. HTTP is the protocol to exchange or transfer hypertext. HTTP functions as a request-response protocol in the client-server computing model. HTTP is designed to permit intermediate network elements to improve or enable communications between clients and servers. HTTP is an application layer protocol designed within the framework of the Internet Protocol Suite; it presumes an underlying and reliable transport layer protocol.

Share tech news, updates, or what's on your mind.

Sign up to Post

I'm writing a bot that mimics my browser, Chrome.

In Chrome, when I interact with the website I'm interested in, the website passes back a cookie "session" using the "Set-Cookie" header in the HTTP response. *However*, on the next HTTP request from the browser, the request headers have an entry "Cookie" with an *altered* value.

Please read my assumptions/guesses about what is happening, and comment if they are valid assumptions or not:

(1) the browser has changed the cookie's value (explanation: the server sent valueA in its http response, but now the browser is using valueB in its next http request)

If assumption (1) is true...
(2) What changed the cookie's value on the browser must be javascript, because only a script can change a cookie's value  on the browser, and the only script in this page is javascipt.

if assumption (2) is true...
(3) Chromes "Inspect Element > Network" tool shows me that 5 javascript files were part of the page request (out of a total of 28 files), so it must be one of these 5 that are changing the "session" cookie.

if assumption (3) is true...
(4) I should be able to find the code that changes the cookie value by searching for ".cookie=" (or similar with whitespace). (Explanation: http://www.w3schools.com/jsref/dom_obj_document.asp shows that the syntax for changing a cookie is document.cookie = "session=abc94g290" for example. Document may be assigned to a variable, so not safe to search for "document.cookie=")


Ok, …
0
Hello:

I am testing a feature that will display the referring URL on a page. I have Javascript on the page to get the referring URL from the header. How can I set the referring URL?

For example, I may be coming from google.com to about.com, but I want to change the referring URL, in this case, from google.com to something of my choosing.
0
I'm analysing HTTPS traffic between my Chrome browser and a 3rd party site of interest.

I notice that the website is passing back a cookie called "session" (in HTTP header "Set-Cookie"), but the next request from the browser has changed the cookie (its a long string of hex, maybe 100chars?, only the first say 20 chars have changed, but changed they have)... which is not what I expect to happen...

or is this being done by javascipt on the page when it loads?

I looked at the page searching for "cookie" but couldn't see anything.. however the page loads up a lot of other .JS scripts too... do I need to check all these too?

cheers
0
I'm using Chrome. Is there any way to look at the outgoing (request) HTTPS headers?

Maybe there are other browsers I could use instead that give me this functionality?

I've tried using Wireshark but it only shows HTTP headers.

thanks!
0
Hi,

I am trying to install Wordpress into a folder / directory on my website, which is hosted by Digital Ocean (droplet).

Considering Digital Oceans accounts are self managed VPSs i am not getting much luck with help from their support, which is understandable.

The main parent website (custom php) is working fine, however when i try to install the Wordpress into the /blog directory i get to the installation page, it seems that none of the wordpress assets (css, js, etc...) are loading, because the installation is trying to run on http instead of https.

screenshot
As you can see none of the assets are loading, so the same applies when you land on the blog home page AFTER you complete the installation steps...

Also, it is important to point out that i can't install any plugins to help, because if i try go to the admin login after the installation, i get looped back to the installation page because of the https issue.

Can anyone offer any advice, thanks in advance for your help.
0
Currently our web address http://www.mycompany.com properly takes to our web site but if we use SSL, i.e.:
https://www.mycompany.com will go nowhere. How to fix this issue?
0
I have a bit of an issue I can't seem to solve.  While troubleshooting something else on a server I noticed I couldn't access the internet.  After eliminating the basics with no luck, I tried accessing the internet from another one of my servers and noticed that I couldn't get to the internet either.  I found several more servers with the same problem.  I also found some servers that were able to access the internet.
This only seems to happen to http traffic and to all three server versions.

My environment:
100% VMware virtualized
Cisco UCS Blade servers
EMC VNX5400 SAN
Servers:  2003, 2008, 2012 (virtual)
Trend Micro esxi host based AV

What we have been able to eliminate so far:
Not happening to all serves
Not a Trend Micro issue because servers on esxi hosts with Trend working
Not a network issue
Not a firewall issue (Turned the firewall off to test)

Is there a KB that might be affecting port 80 traffic?

Any help would be appreciated.

Thanks,
0
Hello,

I have a Forefront TMG server that makes Web publishing. I would like to block a URL as input.

My main URL

https: //myservice.mydomain.dom/

What I want to block is:

https: //myservice.mydomain.dom/admin/indexAdmin.do

and only permit,

https: //myservice.mydomain.dom/index.do

Note that the publishing port and IP address are the same. So understand that I want to block the url.

Regards,

CK
0
Have a webpage that is opened from another system with parameters that can contain extended ascii characters:

http://<host>/submitpage.cshtml?pname=SomeName

Open in new window

The cshtml webpage reads the parameters as usual with:

var pname = Request["pname"];
and shows it on the page with @pname

Works fine for all browsers except IE (even IE11) when pname=Günther or another name with foreign characters; ü, ø and so on.

Example:
http://<host>/submitpage.cshtml?pname=Günther

Open in new window

results in G�nther
The webpage is using <meta charset="UTF-8" />

Why does this work in Chrome and Opera but not in IE?
Any solution? I have no control over the submitting system, som the url cannot be encoded before submit.
0
Hi, I am having trouble getting my webserver to execute a .cgi script. I am new to this stuff so I must have made a mistake along the way.

I enabled the mods which shows up in mods-enabled folder (cgi.load)

Here is my host config file with the script alias setup
<VirtualHost *:80>
   ServerName lesliekenton.com
   ServerAdmin webmaster@localhost
        DocumentRoot /var/www/html/current

</VirtualHost>
<VirtualHost *:443>
        # The ServerName directive sets the request scheme, hostname and port t$
        # the server uses to identify itself. This is used when creating
        # redirection URLs. In the context of virtual hosts, the ServerName
        # specifies what hostname must appear in the request's Host: header to
        # match this virtual host. For the default virtual host (this file) this
        # value is not decisive as it is used as a last resort host regardless.
        # However, you must set it for any further virtual host explicitly.
        ServerName lesliekenton.com
        SSLEngine on
        SSLCertificateFile /var/www/home/lesliekenton.com.crt
        SSLCertificateKeyFile /var/www/home/lesliekenton.com.key
        SSLCACertificateFile /var/www/home/intermediate.crt

        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/html/current

        # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
        # error, crit, alert, emerg.
        # It is also possible to configure the loglevel for 

Open in new window

0
I have having issues getting our URL rewrite to work. Our domain name is www.sbfoundation.org and it is running on2008R2 with IIS7.5. I have set up DNS records to allow the site to be accessed at sbfoundation.org but in order for our SSL certificate to function properly, I need to have sbfoundation.org rewrite or redirect to www.sbfoundation.org. I have tried configuring the URL Rewrite Module which created the following entry in the web.config file but this doesn't seem to be working

          <httpRedirect enabled="false" destination="http://www.google.com" exactDestination="true" httpResponseStatus="Permanent" />
        <rewrite>
            <rules>
                <rule name="CanonicalHostNameRule1" patternSyntax="Wildcard" stopProcessing="true">
                    <match url="(.*)" />
                    <conditions>
                        <add input="{HTTP_HOST}" pattern="^www\.sbfoundation\.org$" negate="true" />
                    </conditions>
                    <action type="Redirect" url="http://www.sbfoundation.org/{R:1}" />
                </rule>
            </rules>
        </rewrite>

I have also tried a few variations on the rule but I just don't seem to be able to get it to function. As best I understand it I believe I have all the bindings set up correctly but I am a little out of my depth here and hoping I have just made a simple mistake somewhere
0
I'm trying to have an IIS 8.0 website redirected to https when people hit it on http. How would I do that so it is transparent to the user?


Thanks!
0
Hi,

I have been using http post to interact with a text message service API from within VBA and it works really well. I am aware that Facebook updates can be updated using http post but am struggling to get this to work. It may well be that it is not possible to achieve, hence this post.

From the Graph API this appears to be the http post code

POST graph.facebook.com
  /{user-id}/feed?
    message={message}&
    access_token={access-token}

Open in new window


I have setup an app on Facebook and have all the access tokens etc

Below is a snippet of what I am using to make http post requests to the text service

    Set WinHttpReq = CreateObject("WinHttp.WinHttpRequest.5.1")
    
    myURL = "https://api.txtlocal.com/send/?"
    postData = "apiKey=" + apiKey + "&message=" + message + "&numbers=" + numbers + "&sender=" + sender
    
    WinHttpReq.Open "POST", myURL, False
    WinHttpReq.setRequestHeader "Content-Type", "application/x-www-form-urlencoded"
    WinHttpReq.Send (postData)
    
    SendSMS_textlocal = WinHttpReq.responseText

Open in new window


What I am looking to do is if you like, modify what I am using here to use HTTP post to update Facebook.

I am probably barking up the wrong tree and it's not possible, but I thought it worth an ask?  My issue is how to format the request to make the call.

If anyone could help that would be fantastic and much appreciated.
0
How does one test connectivity from a IIS web server instance in the DMZ to another web server on the internal network? The connection needs to take place over HTTP, but I'd also like to be able to ping as well.

As it stands, we can see the underlying server OS IP address trying to get through the Cisco ASA (5540), but that gets denied (obviously). What we want to do is connect over HTTP (or ping) from the IP address bound to an instance of the IIS web server.

(Forgive me if it's not called an "instance". I'm just talking about how you can bind a different IP address to different "websites" running under IIS.)

Any ideas how we can test connectivity under the alias of the website IP address on the IIS box? As if we were the website itself? I'd think it'd be doable.

Thanks in advance...
0
Hi, I want through following service and tested it also using Fiddler.

http://blog.anthonybaker.me/2013/06/how-to-implement-file-upload-restful.html

1. I am wondering, if we don't use fiddler, how the client is going to send files because in fiddler I can see Upload files button.
2. or should I prefer making action which takes encoded contents of file as bytes?
0
Hello,

I am attempting to move my site to HTTPS.
I am experiencing two issues:

1. My HTTP to HTTPS redirect is working properly, but I've noticed it's displaying a 302 redirect header status.
I understand it needs to be a 301 redirect - how do I fix that?

2. My post forms are no longer taking the user to their thank you pages. Instead, they're giving a 404 error upon submitting.
I'm guessing this is because of difference in protocol. Any ideas on how to approach this?

Here are the necessary details:
- Server: Windows 2008 R2/IIS 7.5
- SSL certificate properly installed and functional
- IIS settings:
- HTTP redirect module: not used (no redirect set up)
- SSL settings module: "Require SSL" is not checked. Under client certificates, "Ignore" is chosen.
- Two key details from my web.config file:
<add key="UriScheme" value="https" />

<rule name="HTTP to HTTPS redirect" stopProcessing="true">
  <match url="(.*)" />
    <conditions>
      <add input="{HTTPS}" pattern="off" ignoreCase="true" />
    </conditions>
  <action type="Redirect" redirectType="Found" url="https://{HTTP_HOST}/{R:1}" />
</rule>
0
I work with a website http://indianvisa-bangladesh.nic.in/visa/ But every morning a lot of people visit this website, so the site get busy and i can not visit or enter into this site, is there any way to enter or visit this website while the server was busy? or Is there any way the server give me high priority to enter ? I need the solution very urgent. Thanks.
0
I have put data into the text field (search by serial) on this web page

http://www.bike-parts-honda.com/




I dont know how to trigger the onchange event of the website field in VBA Access code.
Private Sub SubmitVIN(strVIN As String)
    Dim i As Long
    Dim objElement As Object
 
 
 
    Set objCollection = IE.Document.getelementsbytagname("input")
 
    i = 0
'    loop around and look for input field and populate with data
    While i < objCollection.Length
        
        If objCollection(i).Name = "val11" Then
            ' Set text for search
            objCollection(i).Value = strVIN      'passed to this routine by main procedure
            
        End If
        
        
        i = i + 1
    Wend
    
'    now trigger on change event of input field
    
    ' Wait while IE re-loading...
    Do While IE.Busy
        DoEvents
    Loop
    
    ' Clean up
    Set objElement = Nothing

End Sub

Open in new window

0
Hello Experts,

I have just created a HTTP Server on my Windows 2008. However, whenever I try to http to folder 'to be shared' http:10.1.35.130\tobeshare I get the following error.
404
0
Hi,

I am pretty new to web services as a whole and I'm trying to access and return data from a web service for a data project.

Everytime I send the Web Request I am receiving a 400 Bad Request message, now I am unsure if this is their end or mine. Is there any chance someone can look over this code and tell me if there is anything wrong out of the blue?

I was told to send the following headers in my request:

'Accept', 'Accept-Encoding','Authorization','Content-Length','Date'.

Now to my knowledge I have covered this in my code below yet I still receive a 400 Bad Request.

Dim _auth As String = String.Format("{0}:{1}", "user", "pass")
        Dim _enc As String = Convert.ToBase64String(Encoding.ASCII.GetBytes(_auth))
        Dim _cred As String = String.Format("{0} {1}", "Basic ", _enc)

        Dim getVars As String = "?type=Q&dln0=ABCDYAZ123&ind0=P&pc=BS23+1DE&"

        Dim WebReq As HttpWebRequest = DirectCast(WebRequest.Create(String.Format("https://myurl/this", getVars)), HttpWebRequest)

        'This time, our method is GET.
        WebReq.Method = "GET"
        WebReq.Accept = "application/json"
        WebReq.ContentLength = 0
        WebReq.AutomaticDecompression = DecompressionMethods.None
        WebReq.Headers(HttpRequestHeader.Authorization) = _cred
        WebReq.Date = Date.UtcNow

        'From here on, it's all the same as above.
        Dim WebResp As HttpWebResponse = DirectCast(WebReq.GetResponse(), HttpWebResponse)
        'Let's 

Open in new window

0
Hi There,

I am currently running a number of ad campaigns that I am buying on behalf of a client. To preserve my Intellectual Property, I do not wish to pass on the referrer to their website.

How can I write a page in coldfusion that will not pass on the referrer id or alternatively how can I make sure that I only pass through the  url of our ad server (which is preferable).?

I may want to host this page on our 'ad server' so that all tracking links will be formatted like

http://www.myadserver.com?url=http://www.finaldestinationurl.com

where http://www.myadserver.com is where I will host this page

and http://www.finaldestinationurl.com is where I want to send the visitor.

If I could put the referrer as www.myadserver.com, that would be preferable.
0
Hello,

I'm using Google Chrome as my browser. When I log into my Yahoo account (and on a few other pages), https is enabled.

On the other hand, when I'm trying to sign into my Experts-Exchange account (or my Skype Account), https is crossed out with a red line.

I'm sure this hasn't happened in the past, .... so why can't I now log into EE or Skype with https enabled?

Many thanks

HA
0
Dear All,
Is There any way to compress large form posts  in client side (in java script )before sending them to the server i have already used  
rawdeflate.js
   var filesSelected = document.getElementById("fileUploadName");
        if (filesSelected.files && filesSelected.files[0]) {
            var fileReader = new FileReader();
            var fileToLoad = filesSelected[0];
            $("#inflated").val(Base64.btou(RawDeflate.inflate(Base64.fromBase64(fileToLoad))));
        }

Open in new window

but it give me an error  in base64.js "Uncaught Type Error: Cannot read property 'replace' of undefined"
so any idea what the problem or is there any way to do the require with onther way
thanks
0
Hi

Often our users need to download files from HTTP or HTTPS sites. Can someone tell me if it's more secure to download from HTTPS than HTTP?  If so -

i. What are the benefits of download a file using HTTPS over HTTP?
ii. What attacks/vulnerabilities occur when download a file using HTTP?
iii. If there was no anti-virus on the desktop, could download a file using HTTP constitute a threat?
iv. Is (iii) enough to warrant blocking HTTP downloads?
0
We have a website hosted on thirdparty  hosting provider. We are planning to bring the site to inhouse but leave the admin page there for references.

Example:
website http://abc.com we want to bring in house.
website http://abc.com/admin has to be with hosting provider.

How can we achieve this?
0

HTTP Protocol

The Hypertext Transfer Protocol (HTTP) is an application protocol for distributed, collaborative, hypermedia information systems. Hypertext is structured text that uses logical links (hyperlinks) between nodes containing text. HTTP is the protocol to exchange or transfer hypertext. HTTP functions as a request-response protocol in the client-server computing model. HTTP is designed to permit intermediate network elements to improve or enable communications between clients and servers. HTTP is an application layer protocol designed within the framework of the Internet Protocol Suite; it presumes an underlying and reliable transport layer protocol.

Top Experts In
HTTP Protocol
<
Monthly
>