Web Application Basics
Web Application Basics
URL
Scheme:often https
User(rare)
Host/Domain:website address
typosquatting:mimic a website to trick people into giving up sensitive info.
Port:usually 80-http,443-https
Path:file path
Query String:have ?—Modify-able
Fragment—Modify-able
HTTP Request:
start line(methods/url path/http version)
request headers
(host,
user-agent,- - - web browser
referer,- - -such as www.google.com,the web where the request comefrom
cookies,
content-type,
content-length
…)
Request Body- - 4kinds:
- Url encoded(application/x-www-form-urlencoded) ;key=value
- form-data表格数据(multipart/form-data) ;boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW(- - - 之后为生成的分割头部)
- json(application/json); { “username”=“” }
- xml(application/xml) ;just like html
HTTP Response
The first line
in every HTTP response is called the Status Line. It gives you three key pieces of info:
HTTP Version: This tells you which version of HTTP is being used.
Status Code: A three-digit number showing the outcome of your request.
Reason Phrase: A short message explaining the status code in human-readable terms.
Since we already covered HTTP Versions in Task 5, let’s focus on the Status Codes and Reason Phrases here.
Status Codes and Reason Phrases
The Status Code is the number that tells you if the request succeeded or failed, while the Reason Phrase explains what happened. These codes fall into five main categories:
Informational Responses (100-199)
These codes mean the server has received part of the request and is waiting for the rest. It’s a “keep going” signal.
Successful Responses (200-299)
These codes mean everything worked as expected. The server processed the request and sent back the requested data.
Redirection Messages (300-399)
These codes tell you that the resource you requested has moved to a different location, usually providing the new URL.
Client Error Responses (400-499)
These codes indicate a problem with the request. Maybe the URL is wrong, or you’re missing some required info, like authentication.
Server Error Responses (500-599)
These codes mean the server encountered an error while trying to fulfil the request. These are usually server-side issues and not the client’s fault.
Common Status Codes
Here are some of the most frequently seen status codes:
100 (Continue)
The server got the first part of the request and is ready for the rest.
200 (OK)
The request was successful, and the server is sending back the requested resource.
301 (Moved Permanently)
The resource you’re requesting has been permanently moved to a new URL. Use the new URL from now on.
404 (Not Found)
The server couldn’t find the resource at the given URL. Double-check that you’ve got the right address.
500 (Internal Server Error)
Something went wrong on the server’s end, and it couldn’t process your request.
Response Header
just headers
Security Headers
1.CSP
Content-Security-Policy: default-src ‘self’; script-src ‘self’ https://cdn.tryhackme.com; style-src ‘self’
2.HSTS
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
3.X-Content-Type-Options
X-Content-Type-Options: nosniff
4.Referrer-Policy
This header controls the amount of information sent to the destination web server when a user is redirected from the source web server, such as when they click a hyperlink. The header is available to allow a web administrator to control what information is shared. Here are some examples of Referrer-Policy:
Referrer-Policy: no-referrer
Referrer-Policy: same-origin
Referrer-Policy: strict-origin
Referrer-Policy: strict-origin-when-cross-origin
Here’s a breakdown of the Referrer-Policy header by directives:
no-referrer
- This completely disables any information being sent about the referrer
same-origin
- This policy will only send referrer information when the destination is part of the same origin. This is helpful when you want referrer information passed when hyperlinks are within the same website but not outside to external websites.
strict-origin
- This policy only sends the referrer as the origin when the protocol stays the same. So, a referrer is sent when an HTTPS connection goes to another HTTPS connection.
strict-origin-when-cross-origin
- This is similar to strict-origin except for same-origin requests, where it sends the full URL path in the origin header.
