Web application security - the fast guide Chapter 2: Web Technologies | Page 8

HTTP Methods (cont.) 1. GET: sends name of the requested resource in the header along with other parameters 2. POST: sends information in the body part. without disclosing it in the address bar as the GET method additionally it is possible to send bigger information size noting that most web servers limit the size of header to less than 20K. 3. Head: like GET method but it does not return any body part in the response. 4. Trace: works as an echo method were the response contains the exact same contents as the request message. It is mainly used for diagnoses purposes. 5. Options: returns a response containing allowed HTTP methods for specific resource. 6. Put: helps to upload a resource to the server, this method can be a main source of attack if activated so it should be carefully controlled. 2017-05-10 Web Application Security Fast Guide (book slides) By Dr.Sami Khiami Slide 8