Shulou(Shulou.com)05/31 Report--

This article mainly explains "what is the role of Web security HTTP protocol". The content of the article is simple and clear, and it is easy to learn and understand. Please follow the editor's train of thought to study and learn "what is the role of Web security HTTP protocol".

Hypertext transfer Protocol (HTTP,Hyper Text Transfer Protocol) is the core communication protocol used to access the World wide Web, and it is also the protocol used by all Web applications today. Although HTTP protocol is widely used in Web applications, it will be gradually replaced by HTTPS protocol because of its transmission insecurity.

At the beginning, HTTP was just a simple protocol developed to obtain static resources based on text. Later, with the rise of Web applications, people expanded and utilized it in various forms to enable it to support today's common complex distributed applications.

HTTP mechanism: the client sends a request and the server returns a response message. The protocol is a transport protocol based on TCP/IP protocol.

1. HTTP request

We can view the information in the request header of HTTP on the browser console. For example, enter the URL http://www.example.com, and then press F12 to open the console, as shown in figure 1.

Figure 1 HTTP request header

You can see from figure 1 that the approximate components of the request header are as follows.

(1) access method, the most commonly used method is GET, its main function is to obtain a resource from the Web server.

(2) the requested URL address.

(3) the version of HTTP used. The most common HTTP versions of Internet are 1.0 and 1.1, and the main difference between the two is that when attacking Web programs, the version of HTTP1.1 must use the Host request header.

(4) the User-Agent header provides information related to the browser or other client software that generated the request.

(5) the Host header is used to specify the host name that appears in the full URL being accessed.

(6) the Cookie header is used to submit the parameters issued by the server to the client.

2. HTTP response

Corresponding to the HTTP request mentioned earlier, the response header information can also be found in the browser, as shown in figure 2.

Figure 2 response header information

Some of the information in the response header is the same as in the request header, such as the version of HTTP.

The response header often represents the status code of the request result, and 200 is the most normal status code.

The response header also has the following main points: the Server header, which indicates the Web server software used, and the Content-Length header, which specifies the byte length of the message subject.

3. HTTP method

The two most commonly used methods when attacking Web applications are GET and POST.

The function of the GET method is to obtain resources. It can send parameters to the requested resource as a query string in URL.

The function of the POST method is to perform an operation. Use this method to send request parameters in the URL query string and message body.

The POST method is more effective than the GET method in transmitting data. The data transmitted by GET is no more than 2 KB, while the amount of data transmitted by POST is large, which is generally unlimited by default. But in theory, the maximum quantity in IIS4 is 80 KB,IIS5 and 100 KB. And the security of the GET method is relatively low, the POST method will encrypt the data, so it will be more secure. Another point is that the POST method is more efficient than the GET method.

Thank you for your reading, the above is the content of "what is the role of Web security HTTP protocol". After the study of this article, I believe you have a deeper understanding of the role of Web security HTTP protocol, and the specific use needs to be verified in practice. Here is, the editor will push for you more related knowledge points of the article, welcome to follow!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.