Web application security - the fast guide Chapter 2: Web Technologies | Page 4
HTTP Request (cont.)
1. Method: indicates whether the request is meant to retrieve a resource from the server
(GET) or to send user input to the server to be processed (POST). Other methods are also
available (discussed later in the chapter).
2. Headers:
a) Referer: the source from which the Request-URI was obtained
b) User-Agent: contains information about the user agent originating the request
c) Host: the hostname being requested; it is necessary especially when virtual hosts
exist on the web server (more than one site on the same web server)
d) Cookie: an HTTP cookie previously sent by the server with Set-Cookie
e) Accept: specifies the media types that are acceptable for the response
f) Accept-Language: restricts the set of natural languages that are preferred as a
response to the request
g) Accept-Encoding: restricts the content codings that are acceptable in the response
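
The method and headers listed above, as an added example that is not part of the original slides: this Python code parses a constructed raw request, enforces the single Host header that virtual hosting depends on, and decodes the Cookie and Accept-Language values. The hostname, cookie values and function names are assumptions made for illustration.

```python
# Constructed sample request (not from the slides); header names as sent on the wire.
RAW_REQUEST = (
    b"GET /products/list.php?cat=2 HTTP/1.1\r\n"
    b"Host: shop.example.com\r\n"
    b"User-Agent: Mozilla/5.0 (X11; Linux x86_64)\r\n"
    b"Referer: http://shop.example.com/index.php\r\n"
    b"Cookie: SESSIONID=abc123; theme=dark\r\n"
    b"Accept: text/html,application/xhtml+xml;q=0.9\r\n"
    b"Accept-Language: en-US,en;q=0.8,ar;q=0.5\r\n"
    b"Accept-Encoding: gzip, deflate\r\n"
    b"\r\n"
)

def parse_request(raw: bytes) -> dict:
    """Split a raw HTTP/1.x request into method, target, version and headers."""
    head, _, _body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    method, target, version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if not sep or not name or name != name.strip():
            raise ValueError(f"malformed header line: {line!r}")
        # Header names are case-insensitive, so normalise them to lower case.
        headers.setdefault(name.lower(), []).append(value.strip())
    # Host selects the virtual host; HTTP/1.1 requires exactly one.
    if version == "HTTP/1.1" and len(headers.get("host", [])) != 1:
        raise ValueError("HTTP/1.1 request must carry exactly one Host header")
    return {"method": method, "target": target, "version": version, "headers": headers}

def parse_cookies(req: dict) -> dict:
    """Turn the Cookie header ('a=1; b=2') into a name -> value mapping."""
    cookies = {}
    for header in req["headers"].get("cookie", []):
        for pair in header.split(";"):
            name, sep, value = pair.strip().partition("=")
            if sep:
                cookies[name] = value
    return cookies

def preferred_languages(req: dict) -> list:
    """Order Accept-Language tags by q-value (default 1.0), highest first."""
    ranked = []
    for item in ",".join(req["headers"].get("accept-language", [])).split(","):
        tag, _, params = item.strip().partition(";")
        q = float(params.strip()[2:]) if params.strip().startswith("q=") else 1.0
        if tag:
            ranked.append((q, tag))
    return [tag for q, tag in sorted(ranked, key=lambda p: -p[0])]
```

Every value returned here comes from the client and must be treated as untrusted input by the application.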
2017-05-10
Web Application Security Fast Guide (book slides)
By Dr.Sami Khiami
Slide 4