HTTP Flashcards

1
Q

HTTP HEADER CATEGORIES
(5)

A

GENERAL HEADERS
ENTITY HEADERS
REQUEST HEADERS
RESPONSE HEADERS
SECURITY HEADERS

2
Q

GENERAL HEADERS:
PURPOSE

A

General headers are used in both HTTP requests and responses. They are contextual and are used to describe the message rather than its contents.

3
Q

GENERAL HEADERS:
EXAMPLES

A

DATE
CONNECTION

4
Q

ENTITY HEADERS:
PURPOSE

A

Similar to general headers, entity headers can be common to both the request and the response. These headers describe the content (entity) transferred by a message. They are usually found in responses and in POST or PUT requests.

5
Q

ENTITY HEADERS:
EXAMPLES

A

CONTENT-TYPE
MEDIA-TYPE
BOUNDARY
CONTENT-LENGTH
CONTENT-ENCODING

6
Q

REQUEST HEADERS:
EXAMPLES

A

HOST
USER-AGENT
REFERER
ACCEPT
COOKIE
AUTHORIZATION

6
Q

REQUEST HEADERS:
PURPOSE

A

The client sends request headers in an HTTP transaction. These headers are used in an HTTP request and do not relate to the content of the message. The headers listed on the examples card are commonly seen in HTTP requests.

7
Q

RESPONSE HEADERS:
PURPOSE

A

Response headers can be used in an HTTP response and do not relate to the content. Certain response headers, such as Age, Location, and Server, provide more context about the response. The headers listed on the examples card are commonly seen in HTTP responses.

8
Q

RESPONSE HEADERS:
EXAMPLES

A

SERVER
SET-COOKIE
WWW-AUTHENTICATE

9
Q

SECURITY HEADERS:
PURPOSE

A

HTTP Security headers are a class of response headers used to specify certain rules and policies to be followed by the browser while accessing the website.

9
Q

SECURITY HEADERS:
EXAMPLES

A

Content-Security-Policy
Strict-Transport-Security
Referrer-Policy

10
Q

Content-Security-Policy

A

Dictates the website's policy towards externally injected resources. This could be inline JavaScript code as well as script resources loaded from other origins. This header instructs the browser to accept resources only from certain trusted domains, hence preventing attacks such as Cross-Site Scripting (XSS).

11
Q

Strict-Transport-Security

A

Prevents the browser from accessing the website over the plaintext HTTP protocol, and forces all communication to be carried over the secure HTTPS protocol. This prevents attackers from sniffing web traffic and accessing protected information such as passwords or other sensitive data.

12
Q

Referrer-Policy

A

Dictates whether or not the browser should include the value sent via the Referer header. It can help avoid disclosing sensitive URLs and information while browsing the website.

13
Q

CONTENT-TYPE

A

Used to describe the type of resource being transferred. The value is automatically added by the browser on the client side and returned in the server response. The charset field denotes the character encoding, such as UTF-8.

14
Q

MEDIA-TYPE

A

The media-type is similar to Content-Type, and describes the data being transferred. This header can play a crucial role in making the server interpret our input. The charset field may also be used with this header.

15
Q

BOUNDARY

A

Acts as a marker to separate content when there is more than one part in the same message. For example, within multipart form data, a boundary such as --b4e4fbd93540 is used to separate the different parts of the form.

16
Q

CONTENT-LENGTH

A

Holds the size of the entity being passed. This header is necessary because the server uses it to know how much data to read from the message body; it is automatically generated by the browser and by tools like cURL.

17
Q

CONTENT-ENCODING

A

Data can undergo multiple transformations before being passed. For example, large amounts of data can be compressed to reduce the message size. The type of encoding being used should be specified using the Content-Encoding header.

18
Q

DATE

A

Holds the date and time at which the message originated. It is preferred to convert the time to the standard UTC time zone.

19
Q

HOST

A

Used to specify the host being queried for the resource. This can be a domain name or an IP address. HTTP servers can be configured to host different websites, which are served based on the hostname. This makes the Host header an important enumeration target, as it can indicate the existence of other hosts on the target server.

19
Q

CONNECTION

A

Dictates whether the current network connection should stay alive after the request finishes. Two commonly used values for this header are close and keep-alive. The close value from either the client or the server means that it would like to terminate the connection, while the keep-alive value indicates that the connection should remain open to receive more data and input.

20
Q

User-Agent

A

The User-Agent header is used to describe the client requesting resources. This header can reveal a lot about the client, such as the browser, its version, and the operating system.

21
Q

Referer

A

Denotes where the current request is coming from. For example, clicking a link from Google search results would make https://google.com the referer. Trusting this header can be dangerous, as it can be easily manipulated by the client, leading to unintended consequences.

22
Q

Accept

A

The Accept header describes which media types the client can understand. It can contain multiple media types separated by commas. The */* value signifies that all media types are accepted.

23
Q

Cookie

A

Contains cookie-value pairs in the format name=value. A cookie is a piece of data stored on the client side and on the server, which acts as an identifier. These are passed to the server with each request, thus maintaining the client's access. Cookies can also serve other purposes, such as saving user preferences or session tracking. There can be multiple cookies in a single header, separated by a semicolon.

24
Q

Server

A

Contains information about the HTTP server that processed the request. It can be used to gain information about the server, such as its version, and to enumerate it further.

25
Q

Authorization

A

Another method for the server to identify clients. After successful authentication, the server returns a token unique to the client. Unlike cookies, tokens are stored only on the client side and are sent to the server with each request. There are multiple authentication types, depending on the web server and application type used.

26
Q

Set-Cookie

A

Contains the cookies needed for client identification. Browsers parse the cookies and store them for future requests. This header follows the same format as the Cookie request header.

27
Q

WWW-Authenticate

A

Notifies the client about the type of authentication required to access the requested resource.

28
Q

curl -v

A

Using the -v flag with cURL shows the full details of the HTTP request and response.

29
Q

curl -I

A

If we are only interested in seeing the response headers, we can use the -I flag to send a HEAD request and display only the response headers. Furthermore, we can use the -i flag to display both the headers and the response body (e.g. HTML code). The difference between the two is that -I sends a HEAD request (as we will see in the next section), while -i sends whatever request we specify and prints the headers as well.

30
Q

HTTP REQUEST METHODS

A

GET
POST
HEAD
PUT
DELETE
OPTIONS
PATCH

31
Q

HTTP GET REQUEST

A

Requests a specific resource. Additional data can be passed to the server via query strings in the URL (e.g. ?param=value).

32
Q

HTTP POST REQUEST

A

Sends data to the server. It can handle multiple types of input, such as text, PDFs, and other forms of binary data. This data is appended in the request body present after the headers. The POST method is commonly used when sending information (e.g. forms/logins) or uploading data to a website, such as images or documents.

33
Q

HTTP HEAD REQUEST

A

Requests the headers that would be returned if a GET request were made to the server. It does not return a response body and is usually used to check the response length before downloading resources.

34
Q

HTTP PUT REQUEST

A

Creates new resources on the server. Allowing this method without proper controls can lead to uploading malicious resources.

35
Q

HTTP DELETE REQUEST

A

Deletes an existing resource on the web server. If not properly secured, it can lead to Denial of Service (DoS) by deleting critical files on the web server.

36
Q

HTTP OPTIONS REQUEST

A

Returns information about the server, such as the methods accepted by it.

37
Q

HTTP PATCH REQUEST

A

Applies partial modifications to the resource at the specified location.

38
Q

HTTP RESPONSE CODES

A

1xx - Provides information and does not affect the processing of the request.

2xx - Returned when a request succeeds.

3xx - Returned when the server redirects the client.

4xx - Signifies improper requests from the client. For example, requesting a resource that doesn't exist or requesting a bad format.

5xx - Returned when there is some problem with the HTTP server itself.

39
Q

200
OK

A

Returned on a successful request, and the response body usually contains the requested resource.

40
Q

302
FOUND

A

Redirects the client to another URL. For example, redirecting the user to their dashboard after a successful login.

41
Q

400
Bad Request

A

Returned on encountering malformed requests such as requests with missing line terminators.

42
Q

404
Not Found

A

Returned when the client requests a resource that doesn’t exist on the server.

43
Q

500
Internal Server Error

A

Returned when the server cannot process the request.

44
Q

403
Forbidden

A

Signifies that the client doesn’t have appropriate access to the resource. It can also be returned when the server detects malicious input from the user.

45
Q

curl -u

A

To provide the credentials through cURL, we can use the -u flag, as follows:

curl -u admin:admin http://<SERVER_IP>:<PORT>/

46
Q

CLIENT-SERVER ARCHITECTURE

A
47
Q

WEB APPLICATION VS WEBSITE

A
48
Q

WEB 1.0 VS WEB 2.0

A
49
Q

WEB APPLICATION OPEN SOURCE DISTRIBUTIONS

A

WORDPRESS
OPENCART
JOOMLA

50
Q

WEB APPLICATION CLOSED SOURCE DISTRIBUTION

A

WIX
SHOPIFY
DOTNETNUKE

51
Q

SECURITY RISK OF WEB APPLICATIONS

A
52
Q
A