(1) Study of HTTP.
HTTP means HyperText Transfer Protocol.
The Hypertext Transfer Protocol (HTTP) is the foundation
protocol of the World Wide Web (WWW).
HTTP (Hypertext Transfer Protocol) is perhaps the most
popular application protocol used on the Internet (or the Web).
HTTP is designed to permit intermediate network elements to
improve communications between clients and servers.
HTTP is a transaction-oriented client/server protocol. The most
typical use of HTTP is between a web browser and a web
HTTP is an asymmetric request-response client-server protocol
as illustrated. An HTTP client sends a request message to an
HTTP server. The server, in turn, returns a response message.
In other words, HTTP is a pull protocol: the client pulls
information from the server (instead of the server pushing
information down to the client).
HTTP is a stateless protocol. In other words, the current request
does not know what has been done in the previous requests.
The Hypertext Transfer Protocol (HTTP) is an application-level
protocol for distributed, collaborative, hypermedia information
A typical implementation creates a new TCP (Transmission Control
Protocol) connection between client and server for each
transaction and then terminates the connection as soon as the
transaction completes, although the specification doesn't
dictate this one-to-one relationship between transaction and
HOW HTTP WORKS?
Web sites generally have an http:// at the beginning of the
uniform resource locator (URL) address.
When you enter a URL into your Web browser, the browser
sends out a data request for the information stored under that
address, which is then transferred back to you.
Your browser then interprets the data and displays it for you in
the appropriate manner.
Today, many sites instead have https:// listed as their URL
This stands for HTTP secure and means that the Web page will
be transmitted with encryption.
Banks, e-commerce sites and any company concerned about
Internet security may use the HTTPS protocol instead of simple
HTTP to ensure that sensitive data (such as your credit card
number) is sent to and from a server with encryption.
If there is no "s" after the HTTP prefix, you can assume that
there is no encryption. That's an important point to remember
when conducting business of any kind.
Users should check for the https:// prefix before entering
sensitive, private data into a site's forms. That's especially true
if accessing the site through a wireless connection.
Even services such as Google Mail, Twitter and Facebook have
begun using forms of HTTPS.
The difference between HTTP and HTTPS is shown here.
HTTPS, by contrast, is secure, which means that the Web page will be
transmitted with encryption.
In the near future, Internet browsers may not see the HTTP at
all, because address bars may become a thing of the past.
Google Chrome and Mozilla Firefox are redesigning their systems
to be more like mobile applications than like traditional Web
browsing -- they're making the browser bar smaller and less
prominent. It's possible that the bar may one day disappear
altogether and all Internet access will be through links and apps.
(2) Explain methods of HTTP.
HTTP has seven main methods.
(i) Get : The GET method is used to retrieve information from a specified
URI and is assumed to be a safe, repeatable operation by
browsers, caches and other HTTP aware components.
This means that the operation must have no side effects and GET
requests can be re-issued without worrying about the
For example, displaying the balance of a bank account has no
effect on the account and can be safely repeated.
In fact, Internet Explorer will allow a user to refresh a page that
resulted from a GET, without displaying any kind of warning.
Other HTTP aware components such as proxies may automatically
retry GET requests if they encounter a temporary network
The conditional GET method is intended to reduce network usage
by allowing cached entities to be refreshed without requiring
multiple requests or transferring unnecessary data.
The GET method can also be used to submit forms. The form data
is URL-encoded and appended to the request URI.
One downside of GET requests is that they can only supply data in
the form of parameters encoded in the URI (Uniform Resource Identifier),
known as a query string, or as cookies in the Cookie request header.
Therefore, GET cannot be used for uploading files or other
operations that require large amounts of data to be sent to the
(ii) Head : A HEAD request is just like a GET request, except it asks the server
to return the response headers only, and not the actual resource
(i.e. no message body).
This is useful to check characteristics of a resource without
actually downloading it, thus saving bandwidth.
This is useful for retrieving meta-information written in response
headers without having to transport the entire content.
We can use HEAD when we don't actually need a file's contents.
The response to a HEAD request must never contain a message
body, just the status line and headers.
The HEAD method is often used for testing hyperlinks, accessibility
and for determining if a document has been recently modified.
(iii) Put : This method allows a client to upload new files on the web server.
An attacker can exploit it by uploading malicious files.
e.g.: an ASP (Active Server Pages) file that executes commands by
invoking cmd.exe , or by simply using the victim's server as a file
HTTP/1.1 does not define how a PUT method affects the state of
an origin server.
PUT requests must obey the message transmission requirements.
(iv) Post: The POST method is used for operations that have side effects
and cannot be safely repeated.
For example, transferring money from one bank account to
another has side effects and should not be repeated without
explicit approval by the user.
If you try to refresh a page in Internet Explorer that resulted from
a POST, it displays the following message to warn you that there
may be side effects:
For banking, and other transactional web applications, the best
approach is to use a POST when the user submits a change and
then use a 302 redirection to change to a GET that displays the
result of the action.
Anyone working with Microsoft's Internet Information
Server (IIS) may notice that it returns two status codes in its
response for a POST request.
The first is 100 Continue to indicate that it has successfully
received the POST request and the second is 200 OK after the
request has been processed.
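The POST followed by a 302 redirection to a GET, as described above, in an added example that is not part of the original notes. The `/transfer` and `/balance` paths, the in-memory account and the local test server are constructed for illustration.

```python
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import parse_qs

ACCOUNT = {"balance": 100}  # constructed in-memory account

class BankHandler(BaseHTTPRequestHandler):
    def do_POST(self):
        # Side effect happens once; the 302 turns a later refresh into a GET.
        length = int(self.headers.get("Content-Length", 0))
        form = parse_qs(self.rfile.read(length).decode())
        ACCOUNT["balance"] -= int(form["amount"][0])
        self.send_response(302)
        self.send_header("Location", "/balance")
        self.send_header("Content-Length", "0")
        self.end_headers()

    def do_GET(self):
        body = str(ACCOUNT["balance"]).encode()  # safe: only reads state
        self.send_response(200)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args): pass  # silence per-request logging

def send(port, method, path, body=None):
    conn = http.client.HTTPConnection("127.0.0.1", port, timeout=5)
    try:
        conn.request(method, path, body=body)
        resp = conn.getresponse()
        return resp.status, resp.getheader("Location"), resp.read().decode()
    finally:
        conn.close()

def demo():
    ACCOUNT["balance"] = 100
    server = HTTPServer(("127.0.0.1", 0), BankHandler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        status, location, _ = send(server.server_port, "POST", "/transfer", "amount=30")
        refreshes = [send(server.server_port, "GET", location)[2] for _ in range(3)]
        return status, location, refreshes
    finally:
        server.shutdown()
        server.server_close()

if __name__ == "__main__":
    print(demo())
```

The three simulated refreshes re-issue only the GET, so the transfer is applied once and the balance stays the same on every reload.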
(v) Delete: This method allows a client to delete a file on the web server.
An attacker can exploit it as a very simple and direct way to
deface a web site or to mount a DoS (Denial of Service) attack.
This method may be overridden by human intervention (or other
means) on the Web Server.
If the response includes an entity describing the status of
deletion, the 200 (OK) response code specifies that the resource
has been deleted successfully.
If the response is 202 (Accepted), it specifies that the resource has
not yet been deleted.
Similarly, if the response code is 204 (No Content), it specifies that
the resource has been deleted but the response does not
include an entity.
(vi) Trace: This method simply echoes back to the client whatever string has
been sent to the server, and is used mainly for debugging
This method, originally assumed harmless, can be used to mount
an attack known as Cross Site Tracing.
Thus, it is useful for locating the exact location of your request.
(vii) Option: This method is used when the client wants to determine other
available methods to retrieve a document on the Web server.
This method requests information about the communication
options available on the request chain identified by a Request-URI
(Uniform Resource Identifier).
Responses to this method are not cacheable.
If the OPTIONS method includes an entity body, the media type
must be indicated by the content-type field.
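One way to use OPTIONS defensively, as an added example that is not part of the original notes: send OPTIONS to a server you administer and flag the methods these notes describe as exploitable (PUT, DELETE, TRACE). The throwaway local server and the names `make_handler`, `audit_methods` and `audit_local` are constructed for illustration.

```python
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

# Methods these notes describe as exploitable when left enabled.
RISKY = {"PUT": "file upload", "DELETE": "file deletion", "TRACE": "Cross Site Tracing"}

def make_handler(allowed):
    """Build a constructed test server that advertises `allowed` via OPTIONS."""
    class Handler(BaseHTTPRequestHandler):
        def do_OPTIONS(self):
            self.send_response(200)
            self.send_header("Allow", ", ".join(allowed))
            self.send_header("Content-Length", "0")
            self.end_headers()
        def log_message(self, *args):
            pass  # silence per-request logging
    return Handler

def audit_methods(host, port, path="/"):
    """Send OPTIONS and return {method: reason} for each risky method advertised."""
    conn = http.client.HTTPConnection(host, port, timeout=5)
    try:
        conn.request("OPTIONS", path)
        resp = conn.getresponse()
        resp.read()
        allow = resp.getheader("Allow", "")
    finally:
        conn.close()
    advertised = {m.strip().upper() for m in allow.split(",") if m.strip()}
    return {m: RISKY[m] for m in sorted(advertised & set(RISKY))}

def audit_local(allowed):
    """Start a throwaway server on 127.0.0.1 with this method list and audit it."""
    server = HTTPServer(("127.0.0.1", 0), make_handler(allowed))
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        return audit_methods("127.0.0.1", server.server_port)
    finally:
        server.shutdown()
        server.server_close()

if __name__ == "__main__":
    print(audit_local(["GET", "HEAD", "POST", "PUT", "DELETE", "TRACE", "OPTIONS"]))
    print(audit_local(["GET", "HEAD", "POST", "OPTIONS"]))
```

The `Allow` header only reports what the server advertises, so confirm the result against the server configuration as well.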