sharethis:
In HTTP protocol, client(also referred as a user agent) submits HTTP requests to the server by sending messages to it. The server sends messages back to the client in HTTP response. Both HTTP requests and HTTP responses use headers to send information about the HTTP message. A header is a series of lines, with each line containing a name followed by a colon and a space, and then a value. The fields can be arranged in any order. Some header fields are used in both request and response headers, while others are appropriate only for either a request or a response.
Many request header fields will allow the client to specify several acceptable options in the value part and, in some cases, even rank each option’s preference. Multiple items are separated using a comma. For example, a client could send a request header that includes “Content-Encoding: gzip, compress,” indicating it would accept either type of compression. If the server uses gzip encoding for the response body, its response header would include “Content-Encoding: gzip“. One can add his own field in HTTP headers so that it contains some value specified by user. Some fields can occur more than once in a single header. For example, a header can have multiple “Warning” fields.
In most the the hacking contest you will find atleast one question on HTTP headers. Information can be hidden in them. To clear that level you have to see and edit the HTTP headers fields. There are lots of softwares/addons available on the net that make it possible to see and edit HTTP header.
Some firefox addon: Firebug, Add and Modify Headers, Live HTTP headers
For more information regarding HTTP headers fields and their values please visit http://en.wikipedia.org/wiki/HTTP
0 comments