Web application security - the fast guide Chapter 2: Web Technologies | Page 6
HTTP Response (cont.)
1. Date: specifies the date of the response.
2. Server: the name of the web server software that answered the request.
3. X-Powered-By: (nonstandard) the technology used to create the response.
4. Pragma: specifies whether to put the response in the cache or not.
5. Expires: specifies when the cached content should expire.
6. Content-Type and Content-Length: describe the HTML content carried in the
response body and the length of the body part of the message in bytes.
7. Set-Cookie: sets the name and value of a cookie that is sent to the browser
and then resent by the browser with each request to this server.
8. Connection: tells HTTP whether to keep the TCP connection alive for additional
messages or to close it.
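As an added example (not part of the original slides), the Python sketch below parses a raw response and reads out the eight headers listed above, including a check that Content-Length matches the body. The sample response, its header values and the function name `parse_response` are constructed for illustration.

```python
# Constructed sample response (not from the slides), with CRLF line endings as on the wire.
SAMPLE = (
    b"HTTP/1.1 200 OK\r\n"
    b"Date: Wed, 10 May 2017 09:30:00 GMT\r\n"
    b"Server: ExampleServer/1.0\r\n"
    b"X-Powered-By: ExampleFramework\r\n"
    b"Pragma: no-cache\r\n"
    b"Expires: Thu, 01 Jan 1970 00:00:00 GMT\r\n"
    b"Content-Type: text/html; charset=utf-8\r\n"
    b"Content-Length: 28\r\n"
    b"Set-Cookie: SESSIONID=abc123; Path=/\r\n"
    b"Connection: keep-alive\r\n"
    b"\r\n"
    b"<html><body>Hi</body></html>"
)

def parse_response(raw: bytes) -> dict:
    """Split a raw HTTP/1.x response and summarise the headers from the list above."""
    head, _, body = raw.partition(b"\r\n\r\n")   # blank line separates headers from body
    lines = head.decode("iso-8859-1").split("\r\n")
    status = int(lines[0].split(" ", 2)[1])      # status line: version, code, reason
    headers = {}                                 # lower-cased name -> list of values
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.setdefault(name.strip().lower(), []).append(value.strip())

    def first(name):
        return headers.get(name, [None])[0]

    cookies = {}                                 # Set-Cookie may appear more than once
    for item in headers.get("set-cookie", []):
        key, _, val = item.split(";", 1)[0].partition("=")
        cookies[key.strip()] = val.strip()
    declared = first("content-length")
    return {
        "status": status,
        "date": first("date"),
        "server": first("server"),
        "powered_by": first("x-powered-by"),
        "no_cache": (first("pragma") or "").lower() == "no-cache",
        "expires": first("expires"),
        "content_type": first("content-type"),
        "length_matches": declared is not None and int(declared) == len(body),
        "cookies": cookies,
        "keep_alive": (first("connection") or "").lower() == "keep-alive",
    }

if __name__ == "__main__":
    for field, value in parse_response(SAMPLE).items():
        print(f"{field}: {value}")
```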
2017-05-10
Web Application Security Fast Guide (book slides)
By Dr.Sami Khiami
Slide 6