- Web Penetration Testing with Kali Linux(Third Edition)
- Gilberto Najera Gutierrez Juned Ahmed Ansari
- 351字
- 2021-06-24 18:44:51
The response header
Upon receiving a request and processing its contents, the server may respond with a message such as the one shown here:
The first line of the response header contains the status code (200), which is a three-digit code. This helps the browser understand the status of operation. The following are the details of a few important fields:
Status code: There is no field named status code, but the value is passed in the header. The 2xx series of status codes are used to communicate a successful operation back to the web browser. The 3xx series is used to indicate redirection when a server wants the client to connect to another URL when a web page is moved. The 4xx series is used to indicate an error in the client request and that the user will have to modify the request before resending. The 5xx series indicates an error on the server side, as the server was unable to complete the operation. In the preceding header, the status code is 200, which means that the operation was successful. A full list of HTTP status codes can be found at https://developer.mozilla.org/en-US/docs/Web/HTTP/Status.
Set-Cookie: This field, if defined, will establish a cookie value in the client that can be used by the server to identify the client and store temporary data.
Cache-Control: This indicates whether or not the contents of the response (images, script code, or HTML) should be stored in the browser's cache to reduce page loading times and how this should be done.
Server: This field indicates the server type and version. As this information may be of interest for potential attackers, it is good practice to configure servers to omit its responses, as is the case in the header shown in the preceding screenshot.
Content-Length: This field will contain a value indicating the number of bytes in the body of the response. It is used so that the other party can know when the current request/response has finished.
The exhaustive list of all of the header fields and their usage can be found at the following URL: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html.
- Linux運(yùn)維之道(第3版)
- Mastering ElasticSearch
- Kali Linux滲透測試全流程詳解
- 開源安全運(yùn)維平臺(tái)OSSIM疑難解析:入門篇
- 細(xì)說Linux基礎(chǔ)知識(shí)
- AWS Development Essentials
- 無蘋果不生活 The New iPad隨身寶典
- 一學(xué)就會(huì):Windows Vista應(yīng)用完全自學(xué)手冊
- Linux系統(tǒng)最佳實(shí)踐工具:命令行技術(shù)
- Windows 10從新手到高手
- Linux內(nèi)核分析及應(yīng)用
- OpenHarmony開發(fā)與實(shí)踐:基于紅莓RK2206開發(fā)板
- Mastering AWS CloudFormation
- Microsoft DirectAccess Best Practices and Troubleshooting
- Serverless Architectures with AWS