[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x

HTTP Protocol

The Hypertext Transfer Protocol (HTTP) is an application protocol for distributed, collaborative, hypermedia information systems. Hypertext is structured text that uses logical links (hyperlinks) between nodes containing text. HTTP is the protocol to exchange or transfer hypertext. HTTP functions as a request-response protocol in the client-server computing model. HTTP is designed to permit intermediate network elements to improve or enable communications between clients and servers. HTTP is an application layer protocol designed within the framework of the Internet Protocol Suite; it presumes an underlying and reliable transport layer protocol.

Share tech news, updates, or what's on your mind.

Sign up to Post

What are the steps required to change an IIS hosted website from HTTP to HTTPS?
0
OWASP Proactive Controls
LVL 12
OWASP Proactive Controls

Learn the most important control and control categories that every architect and developer should include in their projects.

How do I get the actual TOTAL byte size of the HTTP header being sent to a server? Is there any way in Chrome to see the size of the complete request?
1
I have a service which calls a web service returning text data. Basically service is trying to return a file content which is mostly text.

here is my service call

getFile(title: string, identifier: string) {
    console.log('returning service');
    return this.http
      .get(this.constructFileURL(title, identifier), { headers: this.createHeader() });
  }

Open in new window


Here is how I am subscribing to it

 getFileContent(title: string, display: DisplayContent, identifier: string) {
    console.log('calling service');
    this.fileService.getFile(title, identifier).subscribe(results => {
      console.log('displaying results');
      display.content = JSON.stringify(results);
      console.log(display.content);
      this.data.changeContent(display);
    });
    return this.fileData;
  }

Open in new window


I am getting following error on the console. Note : 'console.log('displaying results')' is not getting printed on the console

HttpErrorResponse {headers: HttpHeaders, status: 200, statusText: "OK",
error
:
SyntaxError: Unexpected token e in JSON at position 1 at JSON.parse (<anonymous>) at XMLHttpRequest.onLoad (http://localhost:4200/vendor.js:7822:51) at ZoneDelegate.push../node_modules/zone.js/dist/zone.js.ZoneDelegate.invokeTask (http://localhost:4200/polyfills.js:14960:31) at Object.onInvokeTask (http://localhost:4200/vendor.js:36079:33) at ZoneDelegate.push../node_modules/zone.js/dist/zone.js.ZoneDelegate.invokeTask (http://localhost:4200/polyfills.js:14959:36) at Zone.push../node_modules/zone.js/dist/zone.js.Zone.runTask (http://localhost:4200/polyfills.js:14727:47) at ZoneTask.push../node_modules/zone.js/dist/zone.js.ZoneTask.invokeTask [as invoke] (http://localhost:4200/polyfills.js:15035:34) at invokeTask (http://localhost:4200/polyfills.js:16079:14) at XMLHttpRequest.globalZoneAwareCallback (http://localhost:4200/polyfills.js:16105:17)
text
:
"test"
__proto__
:
Object

Open in new window


Not able to figure out what is wrong. I do convert JSON to string just to be safe as show in the code
0
I have had a few people tell me that when trying to visit a site using safari on their iPhones, they get an error that says:

Safari cannot open the page because the server cannot be found.

I asked other people to test on their iPhones and they said it works fine. After asking Google about this it seems that the answer is always something to do with the phone itself. But, it is not realistic to ask everyone with an iPhone to check this setting, and check that setting in order to try use the website.

Does anyone have any suggestions regarding this?
0
Because I am taking over for an ex-employee, I am tasked with finding out why a visitor who's logged in session times out 24 hours after inactivity can still see certain things that they should only be able to see when logged in, like special pricing. It was originally designed this way, because the boss wanted government customers who have logged in at some point to always be able to see their government pricing, whether they were currently logged in or not. Now, that decision has been reversed, and we only want them to see their government pricing if their current logged in session is valid.

we use Symfony2 on Unix / Apache if that matters

I have no idea if it's a cookie, a session, or whatever else

I know we utilize both but I don't know if the answer lies in either place
0
HttpURLConnection getInputStream throws below errors sometimes -

java.lang.RuntimeException: java.io.IOException: Server returned HTTP response code: 500

Open in new window


Here is the part of callstack -

09:05:02,198 ERROR [stderr] (http-/111.222.333.444:11800) java.io.IOException: Server returned HTTP response code: 500 for URL: https://111.222.333.444:11800/xyz/myapp/3.0/urn:name:ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJ
09:05:02,198 ERROR [stderr] (http-/111.222.333.444:11800)   at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1628)
09:05:02,199 ERROR [stderr] (http-/111.222.333.444:11800)   at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)

Open in new window


This is a how my code looks like. This is not a client code. This runs on server like Tomcat -

private void getResult(HttpURLConnection urlconnection,
            String result) {
        BufferedReader bufferedReader;
        String line;
        try {

            bufferedReader = new BufferedReader(new InputStreamReader(
                    urlconnection.getInputStream()));

            while ((line = bufferedReader.readLine()) != null) {
                result += line;
            }

            bufferedReader.close();
        } catch (Exception ex) {
            String error = String.format("Invalid InputStream, %s",
                    ex.getMessage());
        }

        return;

}

Open in new window


The URL that I have prepared looks like below -

 https://111.222.333.444:11800/xyz/myapp/3.0/urn:name:ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJ

Open in new window


Can this be java problem or server is responsible for this? What could be the problem?
0
Hi Experts,

I'm looking to modify the below to be an update instead of a select.
however not sure where do I put in the body param as specified below
https://howto.caspio.com/web-services-api/rest-api/older-rest-api-versions/table-operations/

Function GetDataFromCASPIO1()
    Dim objHTTP As New WinHttp.WinHttpRequest
    Dim docXML As MSXML2.DOMDocument
    Dim ResponseText As String
    Dim curNode As IXMLDOMNode
    Dim oNodeList As IXMLDOMSelection
    Dim s As String

    Set docXML = New MSXML2.DOMDocument

    Set objHTTP = New WinHttp.WinHttpRequest
    URL = "https://MyAccount.caspio.com/oauth/token"
    
    objHTTP.Open "POST", URL, False
    objHTTP.SetRequestHeader "Content-Type", "application/x-www-form-urlencoded"

    objHTTP.Send 
    ResponseText = Right(objHTTP.ResponseText, Len(objHTTP.ResponseText) - 17)
    access_token = Left(ResponseText, InStr(ResponseText, """") - 1)
    'Debug.Print access_token


    Set objHTTP = New WinHttp.WinHttpRequest

    URL = "https://MyAccount.caspio.com/rest/v1/tables/Skilled_Nursing_Visit_Note/rows?q={""limit"":10000,""where"":""visit_date>=GetDate()-7""}"

    '''objHTTP.Open "GET", URL, False
    objHTTP.Open "Put", URL, False
    objHTTP.SetRequestHeader "Accept", "application/xml"
    objHTTP.SetRequestHeader "Content-Type", "application/json"
    objHTTP.SetRequestHeader "Authorization", "Bearer " + access_token


    objHTTP.Send
    'Debug.Print objHTTP.Status
    'Debug.Print objHTTP.ResponseText
  

Open in new window

0
Hi,

Found these meta tags to ensure a page always reloads.

<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="Cache-Control" content="no-cache">
<meta http-equiv="Expires" content="0">

Open in new window


Seen some pages where, despite having them, the cache still is used.

What can you recommend to add to these to be sure that the page arrives fresh each time?

Thanks!

OT
0
How do I send a http request to a webserver using post without a web browser.

IE this will come from a script, what does the script look like?

Andy
0
I am trying to connect to a secure VAN and push and pull files over a secure connection.  As we are trying to set it up, the people at the VAN are getting this error.

Error Message:

AS2 Outbound has a HTTP proxy server to connect through.Probably error while connecting to proxy : [Error sending document over http to host [http://X.X.213.93], status code [405], reason [Method Not Allowed], response from server [<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">< html xmlns="http://www.w3.org/1999/xhtml">< head>< meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>< title>405 - HTTP verb used to access this page is not allowed.</title>< style type="text/css">< !-- body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;} fieldset{padding:0 15px 10px 15px;} h1{font-size:2.4em...]]

Summary:

Sending of document [167499846.edi] to [http://X.X.213.93] FAILED

Any ideas of what I am missing or doing wrong?  The X.X.213.93 is the public IP of my machine receiving the files.

Thanks
0
Why Diversity in Tech Matters
LVL 12
Why Diversity in Tech Matters

Kesha Williams, certified professional and software developer, explores the imbalance of diversity in the world of technology -- especially when it comes to hiring women. She showcases ways she's making a difference through the Colors of STEM program.

Need to write a script which:
1. Download the json file (curl request)
2. Rename the file to  YYYYMMDDHHMM_lng.xml
3. Push it to a shared folder (for example //192.168.1.1/log)
0
Hi Experts

I am working on a wagtail project(like django-cms) I get this error when I run python3 manage.py runserver 0.0.0.0:8000

 
code 400, message Bad request syntax 
  ('\x16\x03\x01\x00®\x01\x00\x00ª\x03\x03³\x06âP\x97Þ%<Sg\x13Ö×[zE\x96\x15?
  \x96\x00\x1ah')
  You're accessing the development server over HTTPS, but it only supports 
  HTTP.

Open in new window


I had changed SECURE_SSL_REDIRECT=FALSE and tested it still i get this same error. I had disabled cache in chrome.

 I had deactivated chorme caching in registry  by following steps.
Deactivate Chrome Cache in the Registry

Open Registry (Start -> Command -> Regedit)

Search for: HKEY_CLASSES_ROOT\ChromeHTML\shell\open\command

Change the part after ...chrom.exe" to this value: –disable-application- cache –media-cache-size=1 –disk-cache-size=1 — "%1"

Example: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" - disable-application-cache –media-cache-size=1 –disk-cache-size=1 — "%1"

I had also tried disable cache from chrome developer tools network -disable cache.

I had also tried by clearing cache from hsts on chrome.

I had also tried from incognito window on chrome. But still I get the same error

It is an Ubuntu machine on AWS(accessed by putty from windows pc).

I access from outside (windows pc - local pc )through http://54.23x.9x.17:8000 I am not able to resolve this error.


I had tried on some other machine.  I got the following error on console for Linux Ubuntu

it is changing to https instead of http and I got "GET / HTTP/1.1" 301 0 on console window


Please help me in resolving this error.

With Many Thanks, Bharath AK
0
CNAME Record caused my emails to fail.

I hosted 2 emails at RackSpace for my domain, and verified they worked fine. This required me to update the MX records where I host my domain.
name1@domain1.com
name2@domain1.com


Fine.

Then, before I could create a website, I was allowed by my partner to point my domain at his website.

The redirect worked once I created a CNAME record.
domain1.com brings up the site at domain2.com

But the emails stopped working.

The error is "553 Relaying disallowed"

I called RackSpace and they said it's because the MX records at the domain2.com, where domain1.com points at, are pointing to Zoho (a major email provider).

So, my question is...

If I move my two emails from RackSpace to Zoho, can I have a solution where

1) domain forwarding is working (domain1.com brings up the site at domain2.com)
2) emails work as well (both (domain1.com emails work again)

?

Thanks.

Or, is there another way to configure this?

Thanks
0
Why can I not update the URL in the browser?

I update QueryString and remove a malicious parameter. But, after executing the following code:

                filterContext.HttpContext.RewritePath(filterContext.HttpContext.Request.Path,
                                                       filterContext.HttpContext.Request.PathInfo,
                                                       filterContext.HttpContext.Request.QueryString.ToString());

Still see that bad domain.

I may be fighting development automation inside my own project;

I paste the following into the browser...

http://SENB-0186.mydomain.org/ContentManagement/?
goto=http%3a%2f%2fsenb-0186.mydomain.org.evil.com%3a80%2fContentManagement%2f

My code captures the goto parameter and removes it from the QueryString. I call the RewritePath() function above, and see the following in the browser


https://dev.nim.mydomain.org/IdentityServices//?return=http://senb-0186.mydomain.org
/ContentManagement/Account/LogOn?ReturnUrl=%2fContentManagement%2f%3fgoto%3dhttp%253a%252f%252f
senb-0186.mydomain.org.evil.com%253a80%252fContentManagement%252f&u
gid=040dec88-8a99-4410-bf72-1d868a207c8d

I have no problem with the introduction of https://dev.nim.mydomain.org/IdentityServices//?
but I do have a problem that the  mydomain.org.evil.com sub-domain re-appears.

Suggestions?

I even created a copy of QueryString, made the deletions on the sanitized version. But that also fails.

                …
0
Need to Redirect after removing one or more query string params.


I am using a whitelist to remove dangerous query string params, and when done, need to redirect to whatever is left in the  query string.

I understand things may break, but am okay letting our website's existing default behavior handle it.

What is the exact command to redirect?

ActionExecutingContext filterContext is the input param of the ActionFilterAttribute

        public override void OnActionExecuting(ActionExecutingContext filterContext)

and after removing the faulty query string params from:

filterContext.HttpContext.Request.QueryString

I am ready to redirect.

                filterContext.HttpContext.Response.Redirect(filterContext.HttpContext.Request.);

Please complete the the above parameter for Redirect()

Thanks
0
I have a web application built in vb.net. The home page is "main.aspx". I have x3 other websites that are directing traffic to the this website...the redirects are pointed to the main.aspx page. How can I capture which site the traffic is coming from? I'm thinking something with the headers. I would really like to capture the referring url or something that is unique.
0
I have Tomcat 8.0.35 running, web application running from IntelliJ IDEA 2017.3.3 (build successful and WAR deployed) but the browser (I tried with Chrome, Firefox, and IE) is showing HTTP Status 404 when I try to access http://localhost:8080/ or http://127.0.0.1:8080/.

I built my web application with Maven as WAR. The WAR file was successfully deployed in Tomcat's "/webapps/ROOT" directory and "index.html" and "index.jsp" are there and at the end of the deployment the browser page is open.

Tomat is configured to default ports: 8080, 8081, 8009.
localhost-8080---WAR-artifact-is-dep.PNG
localhost-8080---http-status-404.PNG
0
what are difference between http post and get, as far as what/how data is passed in a http request.
Reason I'm asking is, I created a simple ASP.NET MVC application. I have two methods (shown below, example contrived for this question). one method is decorated with [HttpPost] and other one is not. when i make a call from a third party app, it hits the break point in the first function ProcessData1 and I get the id parameter as well, since it is being passed in query string.
but if i try to make a call to ProcessData2, it doesn't hit the break point in that function.
I know the third party application, I'm using is making a Http post call.
I tried another rest client and this time when I made a call to ProcessData2, it was successful.

can some one point out possible reasons?

        public ActionResult ProcessData1(string id) {          
            return View(request);
        }

       [HttpPost]
        public ActionResult ProcessData2() {          
            return View(request);
        }
0
I am doing an HTTP post call to a database to pull information to load an audio player.

I am successful getting a JSON string with the desired details.

What I'm having trouble with is passing one of the JSON variables to the audio player as the source.

Here's a bit of code that shows what I'm trying to do.

<h1>{dir.dv_talent}</h1>
<h2>{{total_time}}</h2>

<audio id="player" my-audio>
    <source src="/radio/{{dir.dv_file}}.ogg" type="audio/ogg" />
    <source src="/radio/{{dir.dv_file}}.mp3" type="audio/mpeg" />
</audio>

Open in new window


So what works is the <h1> tag that displays the Talent Name and the <h2>Tag that gives the total time.  I also know there is valid data for dir.dv_file but when I inspect the code, it shows it as {{dir.dv_file}}.

So what that indicates to me is that the {{dir.dv_file}} is not converted to the passed variable inside of the <audio> tag.

So my question is how do I get that variable to be passed within that <audio> tag.
0
OWASP: Threats Fundamentals
LVL 12
OWASP: Threats Fundamentals

Learn the top ten threats that are present in modern web-application development and how to protect your business from them.

Hi ,

We have enabled Mapi over HTTP and its set to true.
Internal all working but external i forgot to set the outlook.mijdomain.com in it so i did sucsesfull.

Now i need to set per server the authentication method as its asking from outside a password to fill in.

What will be the correct command and correct or stanaard authenthication settings?
Many thanks.

It should be something like ?

Set-MapiVirtualDirectory -Identity "Servernameexchange01\mapi (Default Web Site)" -ExternalUrl https://outlook.mydomain.com/mapi -IISAuthenticationMethods Negotiate
(not sure)
Many thanks.
0
Hi All,

I have configured Issuing CA and Web server.

Issuing CA Roles (Certificate Authority)
Web server (Certificate Authority Web enrollment Service and OCSP)

When I try requesting a certificate directly through (http://issuingCA/certsrv) it is working fine the certificate can be issued through web console

While I try request using (https://webserver/certsrv) Everything is coming finally when i click submit on certificate request it through below error.

Error : CCertRequest::Submit: The RPC server is unavailable. 0x800706ba (WIN32: 1722

It is critical and really appreciated if any one can help this...

certsrv.JPG
0
I'm working with an ecommerce API. Once the transaction is processed an HTTP post is sent to a URL of your choice with the transaction data (a way to confirm transaction on your site). This is fine, however how can I confirm the HTTP post is from the applicable source for security purposes? I tried $_SERVER['HTTP_REFERER'] but nothing is provided.
0
I would like to understand the difference of persistent connection and keep alive. Is it only applicable to HTTP protocol? Thanks!
0
I created an htaccess file in my directory for pma.fivetier.com with the following:

order deny,allow
deny from all
allow from xx.xxx.xxx.xx

Open in new window


When trying to visit from my IP I get a testing 123... page if you visit link above you will see.   If I remove the .htaccess file I have full access again without any problem.  What am I doing wrong?  Do I need to use ipv6 address or something?
0
I am trying to access a website through proxy server.I am using httpclient.

This is the code which is working fine:

import org.apache.commons.httpclient.Credentials;
import org.apache.commons.httpclient.HostConfiguration;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.HttpMethod;
import org.apache.commons.httpclient.HttpStatus;
import org.apache.commons.httpclient.UsernamePasswordCredentials;
import org.apache.commons.httpclient.auth.AuthScope;
import org.apache.commons.httpclient.methods.GetMethod;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.Proxy;
import java.net.ProxySelector;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Properties;

public class Working {
private static  String PROXY_HOST = "proxy.test.org";
private static  int PROXY_PORT = 80;

    public static void main(String[] args) {
    HttpClient client = new HttpClient();
    HttpMethod method = new GetMethod("https://www.example.org");
    HostConfiguration config = client.getHostConfiguration();
    config.setProxy(PROXY_HOST, PROXY_PORT);

    try {
          client.executeMethod(method);
            if (method.getStatusCode() == HttpStatus.SC_OK) {
           String response = method.getResponseBodyAsString();
           System.out.println("Response = " + response);
                        }
    } catch (IOException e) {
        e.printStackTrace();
    } finally {
  …
0

HTTP Protocol

The Hypertext Transfer Protocol (HTTP) is an application protocol for distributed, collaborative, hypermedia information systems. Hypertext is structured text that uses logical links (hyperlinks) between nodes containing text. HTTP is the protocol to exchange or transfer hypertext. HTTP functions as a request-response protocol in the client-server computing model. HTTP is designed to permit intermediate network elements to improve or enable communications between clients and servers. HTTP is an application layer protocol designed within the framework of the Internet Protocol Suite; it presumes an underlying and reliable transport layer protocol.

Top Experts In
HTTP Protocol
<
Monthly
>