HTTP 2.0 is the next planned version of the HTTP network protocol used by the World Wide Web . HTTP 2.0 is being developed by the Hypertext Transfer Protocol Bis httpbis working group of the IETF . ref cite web url https datatracker.ietf.org wg httpbis charter title Hypertext Transfer Protocol Bis httpbis Charter publisher IETF date 2012 ref HTTP 2.0 would be the first new version of the HTTP protocol since HTTP 1.1. Goals for HTTP 2.0 include asynchronous connection multiplexing, header compression, and request response pipelining, while maintaining full backwards compatibility with the transaction semantics of HTTP 1.1. As of 2012 , work being presented for consideration by the httpbis working group includes Google s currently deployed SPDY protocol, and Microsoft s HTTP Speed Mobility proposal. ref cite web url http www.extremetech.com computing 124153 sm vs spdy microsoft and google battle over the future of http 2 0 title S&M vs. SPDY Microsoft and Google battle over the future of HTTP 2.0 publisher ExtremeTech author Sebastian Anthony date March 28, 2012 ref Many of the architectural approaches in these protocols were explored earlier by the World Wide Web Consortium s HTTP NG working group. Work on the HTTP NG project was suspended in 1998. ref cite web url http www.w3.org Protocols HTTP NG Activity.html title Final HTTP NG Activity Statement publisher World Wide Web Consortium ref References reflist External links http tools.ietf.org html draft mbelshe httpbis spdy 00 http tools.ietf.org html draft montenegro httpbis speed mobility 01 Category HTTP Category Application layer protocols Category World Wide Web network stub ... more details
Refimprove date September 2007 HTTPHTTP Tunneling is a technique by which communications performed using various network Protocol computing protocol s are encapsulated using the HTTP protocol, the network protocols in question usually belonging to the TCP IP family of protocols. The HTTP protocol therefore .... The HTTP stream with its covert channel is termed an HTTP Tunnel. HTTP Tunnel software consists of client server HTTP Tunneling applications that integrate with existing application software, permitting ..., networks behind proxy servers, and Network address translation NATs . Usage An HTTP Tunnel is used ... that wishes to communicate with a remote host opens an HTTP connection to a mediator server ... with the mediator server using HTTP request s, encapsulating the actual communications within those ... in question. Symmetrically, when it receives data from the remote host, it wraps it in the HTTP protocol before sending it as part of an HTTP response to the application. In this situation, the application ... communicated with. HTTP CONNECT Tunneling A variation of HTTP tunneling when behind an HTTP Proxy Server is to use the CONNECT HTTP method. ref cite IETF title Hypertext Transfer Protocol HTTP 1.1 ..., the client asks an HTTP Proxy server to forward the Transmission Control Protocol TCP connection to the desired destination using the CONNECT HTTP method. The server then proceeds to make the connection ... request is HTTP after that, the server simply proxies the established TCP connection. This mechanism is how a client behind an HTTP proxy can access websites using Secure Sockets Layer SSL i.e. HTTPS . Not all HTTP Proxy Servers support this feature, and even those that do may limit the behaviour ... t appear to be SSL . HTTP Tunneling without using CONNECT In some networks, the use of CONNECT method is restricted to some trusted sites. In this cases, a HTTP tunnel can be implemented using only usual HTTP methods as POST, GET, PUT and DELETE. This is similar to the approach used in Bidirectional ... more details
HTTP The HTTP response List of HTTP status codes status code 301 Moved Permanently is used for permanent redirection. This status code should be used with the HTTP location location header. RFC 2616 states that If a client has link editing capabilities, it should update all references to the Request URI. The response is cachable. Unless the request method was HEAD, the entity should contain a small hypertext note with a hyperlink to the new URI s . If the 301 status code is received in response to a request of any type other than GET or HEAD, the client must ask the user before redirecting. Example Client request pre GET index.php HTTP 1.1 Host www.example.org pre Server response pre HTTP 1.1 301 Moved Permanently Location http www.example.org index.asp pre Search Engines Google recommends using a 301 redirect to change the URL of a page as it is shown in search engine results. ref 301 redirects Webmaster Tools Help http support.google.com webmasters bin answer.py?hl en&answer 93633 ref Notes Reflist See also Hypertext Transfer Protocol List of HTTP status codes Category HTTP status codes web stub ar 301 de Weiterleitung id HTTP 301 ru HTTP 301 ... more details
HTTP The HTTP response List of HTTP status codes status code 302 Found is a common way of performing a redirection. It is an example of industry practice contradicting the standard HTTP 1.0 specification RFC 1945 , which required the client to perform a temporary redirect the original describing phrase was Moved Temporarily , but popular browsers implemented it as a HTTP 303 303 See Other ref cite web last Lawrence first Eric url http blogs.msdn.com b ieinternals archive 2011 08 19 understanding the impact of redirect response status codes on http methods like head get post and delete.aspx work EricLaw s IEInternals blog accessdate 20 August 2011 title HTTP Methods and Redirect Status Codes ref , i.e. changing the request type to GET regardless of what it had been originally. Therefore, HTTP 1.1 added status codes 303 and HTTP 307 307 to disambiguate between the two behaviours. However, the majority of Web applications and frameworks still use the 302 status code as if it were the 303. Citation needed date October 2009 This status code should be used with the HTTP location location header. Example Client request pre GET index.html HTTP 1.1 Host www.example.com pre Server response pre HTTP 1.1 302 Found Location http www.iana.org domains example pre See also Hypertext Transfer Protocol List of HTTP status codes References Reflist External links RFC 2616 HTTP 1.1 RFC 1945 HTTP 1.0 Category HTTP status codes ... more details
HTTP The HTTP response List of HTTP status codes status code 303 See Other is the correct manner in which to redirect web applications to a new Universal Resource Identifier URI , particularly after an HTTP POST has been performed. This response indicates that the correct response can be found under a different URI and should be retrieved using a GET method. The specified URI is not a substitute reference for the original resource. This status code should be used with the HTTP location location header, as described below. 303 See Other has been proposed as one way of responding to a request for a Universal Resource Identifier URI that identifies a real world object according to Semantic Web theory the other being the use of hash URIs . ref http www.w3.org TR cooluris Cool URIs for the Semantic Web , see section 4 ref For example, when building a Restful web service that needs to return to the caller immediately but continue executing asynchronously such as a long lived image conversion , the web service can provide a status check URI that allows the original client who requested the conversion to check on the conversion s status. This status check web service should return 303 See Other to the caller when the task is complete, along with a URI from which to retrieve the result in the Location HTTP header field. ref Subbu Allamaraju. RESTful Web Services Cookbook Solutions for Improving Scalability and Simplicity . O Reilly Media, 2010, p. 20. ref Example Client request pre GET HTTP 1.1 Host www.example.com pre Server response pre HTTP 1.1 303 See Other Location http example.org other pre See also RFC 2616 HTTP 1.1 RFC 1945 HTTP 1.0 Hypertext Transfer Protocol List of HTTP status codes Post Redirect Get References reflist Category HTTP status codes Category Article Feedback 5 web stub id HTTP 303 pt HTTP 303 ... more details
HTTPHTTP compression is a capability that can be built into web server s and web client s to make better ... url http www.microsoft.com technet prodtechnol WindowsServer2003 Library IIS d52ff289 94d3 4085 bc4e 24eb4f312e0e.mspx?mfr true title Using HTTP Compression IIS 6.0 accessdate 9 February 2010 publisher Microsoft Corporation ref HTTP data is Data compression compressed before it is sent from the server ... being used. Internet Explorer 6, which drops to HTTP 1.0 without features like compression ... browser most prone to failing back to uncompressed HTTP. ref http code.google.com speed articles ... Encoding field in the HTTP request, with supported compression schema names called content coding tokens , separated by commas. GET encrypted area HTTP 1.1 Host www.example.com Accept Encoding ... a Content Encoding field in the HTTP response with the used schemas, separated by commas. HTTP 1.1 200 ... the zlib compression and the raw deflate compression. ref cite web url http www.vervestudios.co ..., Co ref ref cite web url http www.gzip.org zlib zlib faq.html faq38 title Frequently Asked Questions about zlib What s the difference between the gzip and deflate HTTP 1.1 encodings? accessdate 23 March ... supported as of March 2011. ref cite web url http www.vervestudios.co projects compression tests ... Network Transfer Format for Java Archives ref http jcp.org en jsr detail?id 200 JSR 200 Network Transfer Format for Java Archives. ref SDCH sdch Google Shared Dictionary Compression for HTTP bzip2 free ... and Retrieval described in http msdn.microsoft.com en us library dd304322 28v PROT.10 29.aspx MS PCCRPT Servers that support HTTP compression SAP NetWeaver Internet Information Services Microsoft IIS built in or using third party module Apache HTTP Server , via mod deflate despite its name currently only supporting gzip ref cite web url http www.vervestudios.co projects compression tests title Compression Tests accessdate 23 March 2011 publisher Verve Studios, Co ref ref cite web url http mark.koli.ch ... more details
HTTP The HTTP Location header is returned in responses from an HTTP server under two circumstances 1. To ask a web browser to load a different web page. It is passed as part of the List of HTTP headers response by a web server when the requested URI has Moved temporarily, or Moved permanently In this circumstance, the Location header should be sent with an HTTP status code of 3xx. 2. To provide information about the location of a newly created resource. In this circumstance, the Location header should be sent with an HTTP status code of 201 or 202. ref name RESTful Web Services cite book last Leonard ... isbn 978 0 596 52926 0 pages 228 230 ref While the internet standard RFC 1945 HTTP 1.0 requires a complete absolute URI for redirection, ref name rfc2616 RFC 2616 HTTP 1.1 ref ref name rfc1945 RFC 1945 HTTP 1.0 ref the most popular web browsers tolerate the passing of a relative URL as the value for a Location ... rfc3305 RFC 3305 URIs, URLs, and URNs ref e.g., nowiki http , https , telnet , mailto nowiki ref name uri schemes http www.iana.org assignments uri schemes.html IANA Uniform Resource Identifer URI Schemes ref and conforms to scheme specific syntax and semantics. For example, the HTTP scheme specific syntax and semantics for HTTP URLs requires a host web server address and absolute path , with optional ... as when used as a request URI for a resource. ref name rfc2616sec322 http www.w3.org Protocols rfc2616 rfc2616 sec3.html sec3.2.2 RFC 2616 Section 3.2.2 HTTP URL ref Client request pre GET index.html HTTP 1.1 Host www.example.com pre Server response pre HTTP 1.1 302 Found Location http www.example.org ... specifies the URI returned to be absolute. ref name rfc2616sec1430 http tools.ietf.org html rfc2616 ... URL. Client request pre GET blog HTTP 1.1 Host www.example.com pre Server response pre HTTP 1.1 302 Found Location blog pre References references See also URL redirection Category HTTP Category HTTP headers Location ... more details
HTTP In the HTTP used on the World Wide Web , 403 Forbidden is an List of HTTP status codes HTTP status code returned by a web server when a user requests a web page or media that the server does not allow them to. In other words, the server can be reached, but the server declined to allow access to the page. This response is returned by the Apache HTTP Server Apache web server when directory listings have been disabled. Microsoft Internet Information Services IIS responds in the same way when directory listings are denied. This response may also be returned by the server if the client issued a WebDAV PROPFIND request but did not also issue the required Depth header, or issued a Depth header of infinity. ref name RFC 4918 cite web url http www.webdav.org specs rfc4918.html rfc.section.9.1.1 title HTTP Extensions for Web Distributed Authoring and Versioning WebDAV date June 2007 publisher IETF accessdate November 10, 2009 ref 403 substatus error codes for IIS 403.1 Execute access forbidden. 403.2 Read access forbidden. 403.3 Write access forbidden. 403.4 SSL required. 403.5 SSL 128 required. 403.6 IP address rejected. 403.7 Client certificate required. 403.8 Site access denied. 403.9 Too many users. 403.10 Invalid configuration. 403.11 Password change. 403.12 Mapper denied access. 403.13 Client certificate revoked. 403.14 Directory listing denied. 403.15 Client Access Licenses exceeded. 403.16 Client certificate is untrusted or invalid. 403.17 Client certificate has expired or is not yet valid. 403.18 Cannot execute request from that application pool. See also .htaccess List of HTTP status codes Rewrite engine References reflist 2 External links http www.getnetgoing.com HTTP 403.html Help for HTTP 403 Forbidden errors http docs.fedoraproject.org selinux user guide f10 en ... R t httpd sys content t web DEFAULTSORT Http 403 Category HTTP status codes Web stub el HTTP 403 ko HTTP 403 ja HTTP 403 pt HTTP 403 sq HTTP 403 ... more details
HTTP Image HTTP pipelining2.svg thumb left 300px Schema of non pipelined vs. pipelined connection. HTTP pipelining is a technique in which multiple HTTP requests are sent on a single TCP connection without waiting for the corresponding responses. ref cite web url http www.w3.org Protocols rfc2616 rfc2616 sec8.html sec8.1.2.2 title part of Hypertext Transfer Protocol HTTP 1.1 Section 8.1.2.2 Pipelining ... improvement ref cite web url http www.w3.org Protocols HTTP Performance Pipeline.html title Network Performance Effects of HTTP 1.1, CSS1, and PNG publisher World Wide Web Consortium accessdate ... several HTTP requests in the same Transmission Control Protocol TCP Packet information technology packet , HTTP pipelining allows fewer TCP packets to be sent over the Computer networking network , reducing network load . Non idempotence computer science idempotent methods like POST HTTP POST should ... requests in the sequence depend on the effect of others. ref cite web url http www.w3.org Protocols rfc2616 rfc2616 sec9.html sec9.1.2 title part of Hypertext Transfer Protocol HTTP 1.1 Section 9.1.2 Idempotent Methods date June 1999 publisher W3C accessdate 2009 05 16 ref HTTP pipelining requires both the client and the server to support it. HTTP 1.1 conforming servers are required to support pipelining ... is only supported in HTTP 1.1, not in 1.0. Implementation in web servers Implementing pipelining in web ... working implementation that is enabled by default. All other browsers HTTP pipelining is disabled or not implemented. ref cite web url http lwn.net Articles 362473 title Reducing HTTP latency with SPDY ... url http www.microsoft.com windowsxp expertzone chats transcripts 08 0814 ez ie8.mspx title Windows ..., however it is disabled by default. ref http kb.mozillazine.org Network.http.pipelining ref ref cite ... hg.mozilla.org releases mozilla 2.0 file 09565753ce5f netwerk protocol http src nsHttpConnection.cpp ... 17 , but version 18 beta supports pipelining http but not https as a non default option ... more details
Infobox Software name CL HTTP logo screenshot caption author John C. Mallery programming language Common Lisp released 1994 latest release version latest release date operating system Cross platform genre Web Server license Proprietary website url http cl http.org 8000 CL HTTP is a web server, client and proxy written in Common Lisp . It is based on its own web application framework . It was written by John C. Mallery starting in 1994 on a Symbolics Lisp Machine . In the same year a port to Macintosh Common Lisp was done. In 1996 CL HTTP added support for the HTTP 1.1 protocol. It runs on Unix , Linux , BSD BSD variants , Mac OS X , Solaris operating system Solaris , Symbolics Genera and Microsoft Windows . CL HTTP makes extensive use of the Common Lisp Object System and the macro capabilities of Lisp. ref A Common LISP Hypermedia Server, John C. Mallery, Proceedings of The First International Conference on The World Wide Web, Geneva CERN, May 25, 1994. ref Usage CL HTTP has been used in several applications. ELM ART is a tutoring system written in Common Lisp using CL HTTP. ref ELM ART An intelligent tutoring system on world wide web Peter Brusilovsky, Elmar Schwarz und Gerhard Weber ..., http www.springerlink.com content fnj2687uxrj21640 Springer ref It was later commercialized as NetCoach ... 2002 ref InterBook is an early adaptive electronic text book, also written on top of CL HTTP. ref ..., Gerhard, WebNet 96 Conference Proceedings San Francisco, CA, October 15 19, 1996 ref Cl HTTP has ..., Volume 40 Issue 5, May 1997 ref ref An HTTP Interface to Common Music, Heinrich Taube, Tobias Kunze ... on Acoustics, Speech, and Signal Processing, 1997. ICASSP 97., 1997 http citeseerx.ist.psu.edu viewdoc download?doi 10.1.1.130.8585&rep rep1&type pdf PDF ref CL HTTP is an example of a non trivial ... Caching Proxy Client References references External links http cl http.org 8000 CL HTTP website http clhttp.plasticki.com CL HTTP Primer Common Lisp Application frameworks DEFAULTSORT Cl Http Category ... more details
Wikipedia Link rot HTTP The 404 or Not Found error message is a Hypertext Transfer Protocol HTTP List of HTTP status codes standard response code indicating that the Web Browser client was able to communicate .... ref http royal.pingdom.com 2009 05 06 the 5 most common http errors according to google The 5 most common HTTP errors according to Google ref A 404 error should not be confused with Web server server ... does not guarantee the same content. Overview When communicating via HTTP, a server is required ... two digits indicate the specific error encountered. HTTP s use of three digit codes is similar ... Transfer Protocol NNTP . At the HTTP level, a 404 response code is followed by a human readable reason phrase . The HTTP specification suggests the phrase Not Found ref cite web url http www.w3.org ... traffic and longer loading times will be generated. ref cite web url http www.thesitewizard.com archive ... ref ref cite web url http www.wdvl.com Authoring Design Images Favicon work Web Developers Virtual ... http help.yahoo.com l uk yahoo search webcrawler slurp 10.html title Why is your crawler asking for strange ... when using certain HTTP server software, for example with the Apache HTTP Server Apache software ... http example.com error.html nowiki rather than a relative path error.html . ref cite web url http ... date 10 September 2004 accessdate 6 March 2011 ref Other ISPs return a HTTP 403 forbidden error in the same circumstances. ref http iwfwebfilter.thus.net error blocked.html DEMON Error 403 ref The practice ... ref cite news url http www.bangkokpost.com tech technews 11872 the old fake 404 not found routine ... last Sambandaraksa accessdate 12 September 2010 ref and Tunisia . ref cite web url http opennet.net ... named Ammar 404 who represents the invisible censor . ref cite web url http advocacy.globalvoicesonline.org ... arm of the Royal Mail Post Office ref name autogenerated1 cite news url http news.bbc.co.uk 1 ... Sahala last Swenson title Make your 404 pages more useful url http googlewebmastercentral.blogspot.com ... more details
Unreferenced date February 2010 ASP.NET HTTP Handlers are a new technique presented in ASP.NET that was not present in the Classic Active Server Pages ASP . HTTP Handlers are components that implement the code System.Web.IHttpHandler code interface. Unlike ASP.NET Pages they have no HTML markup file, no events and other supporting. All they have is a code file written in any List of CLI languages .NET compatible language that writes some data to the server HTTP response. ASP.NET handlers have .ashx file extension unlike pages, that have .aspx file extension . Handlers are considered to be more lightweight object than pages. That s why they are used to serve dynamically generated images, on the fly generated Portable Document Format PDF files and similar content to the web browser . External links http msdn.microsoft.com en us library system.web.ihttphandler lightweight .aspx IHttpHandlers at MSDN Category ASP.NET ... more details
HTTP In computing, POST is one of many HTTP Request methods request methods supported by the HTTP protocol used by the World Wide Web . The POST request method is used when the client needs to send data to the server as part of the request, such as when uploading a file or submitting a completed form. In contrast to the GET HTTP GET request method where only a URL and headers are sent to the server. POST requests also include a message body, this allows for arbitrary length data of any type to be sent to the server. A header field in the POST request usually indicates the message body s Internet media type . Use for submitting web forms When a web browser sends a POST request from a form web web form element, the default Internet media type is application x www form urlencoded . ref cite web title Hypertext Markup Language 2.0 Forms date 22 September 1995 accessdate 15 January 2011 last Berners Lee first1 Tim authorlink1 Tim Berners Lee last2 Connolly first2 Dan authorlink2 Dan Connolly url http www.w3.org MarkUp html spec html spec 8.html SEC8.2.1 publisher World Wide Web Consortium ref This is a format for encoding Associative array key value pairs with possibly duplicate keys. Each key value pair is separated by an & character, and each key is separated from its value by an character ... on all other non alphanumeric ref cite web title Forms in HTML documents url http www.w3.org ... ref RFC 2616, http www.w3.org Protocols rfc2616 rfc2616 sec9.html sec9.1.1 9.1.1 Safe Methods ref ... http www.cs.tut.fi jkorpela forms methods.html title Methods GET and POST in HTML forms what s the difference ... ref See also Postback References reflist External links http www.jmarshall.com easy http postmethod Straightforward definition of POST http www.w3.org Protocols rfc2616 rfc2616 sec9.html POST verb in HTTP specification http www.w3.org 2001 tag doc whenToUseGet.html URIs, Addressability, and the use of HTTP GET and POST Category HTTP cs POST pl POST metoda ... more details
refimprove date January 2011 HTTP The HTTP referer originally a misspelling of referrer that occurs as an List of HTTP header fields HTTP header field identifies, from the point of view of an Internet ... proposal by computer scientist Phillip Hallam Baker to incorporate the field into the HTTP specification. ref name hallam baker Hallam Baker, Phillip. http groups.google.com group alt.folklore.computers .... ref name fielding Fielding, Roy. http lists.w3.org Archives Public ietf http wg old 1995JanApr 0107.html Re Referer sic . HTTP wg, 1995 03 09 ref Referer has since become a widely used spelling in the industry when discussing HTTP referers usage of the misspelling is not universal, though ... it is to be displayed. The referer field is an optional part of the HTTP request sent by the web browser ... URI of the resource from which the Request URI was obtained http tools.ietf.org html rfc2616 ... name sendRefererHeader http kb.mozillazine.org Network.http.sendRefererHeader network.http.sendRefererHeader .... Referer hiding Most web servers maintain logs of all traffic, and record the HTTP referer ... server and manipulate the HTTP request, while web based methods load websites within frames ..., this method of redirection is discouraged by the World Wide Web Consortium W3C . ref http www.w3.org TR WCAG10 HTML TECHS meta element w3.org ref If a website is accessed from a HTTP Secure HTTPS ... is not sent. ref Clients SHOULD NOT include a Referer sic header field in a non secure HTTP request if the referring page was transferred with a secure protocol. http tools.ietf.org html rfc2616 section ... in order to instruct the user agent not to send a referer. ref http www.globinch.com 2011 01 21 ... dereferrer RFC 2616 Hypertext Transfer Protocol HTTP 1.1 http www.ietf.org rfc rfc3987.txt IRI ... Category HTTP headers cs HTTP referrer de Referrer fr R f rant ko it Referer he Referer lv HTTP referer hu Referer ja HTTP pl HTTP referrer pt HTTP referrer ru HTTP referer zh HTTP referrer ... more details
Use dmy dates date April 2012 HTTP An ETag , or entity tag , is part of Hypertext Transfer Protocol HTTP , the protocol for the World Wide Web . It is one of several mechanisms that HTTP provides for web ... http www.w3.org 1999 04 Editing title Editing the Web Detecting the Lost Update Problem Using Unreserved ... from their comparison. Deployment risks The use of ETags in the HTTP header is optional not mandatory as with some other fields of the HTTP 1.1 header . The method by which ETags are generated has never been specified at any time in the HTTP specification. Common methods of ETag generation ... server will return the resource along with its corresponding ETag value, which is placed in an HTTP ... may send back a very short response with an HTTP 304 Not Modified status. The 304 status ... ETags ETags can be used to track unique users ref cite web url http www.arctic.org dean tracking without cookies.html title tracking without cookies date 17 February 2003 ref , as HTTP cookie s are increasingly ..., including Hulu.com , are using ETags for tracking purposes. ref cite web url http papers.ssrn.com ..., ref cite web url http ashkansoltani.org docs respawn redux.html title Respawn Redux date 11 August ... tracking cookies partially involving the use of ETags. ref http www.extremetech.com internet ... addon safehistory ref References Reflist Refbegin http www.w3.org Protocols rfc2616 rfc2616 sec14.html sec14.19 ETag in HTTP 1.1 specification http iwaw.europarchive.org 04 Clausen.pdf Concerning Etags and Datestamps by Lars R. Clausen 2004 Refend External links http httpd.apache.org docs 2.2 mod core.html fileetag Apache HTTP Server Documentation FileETag Directive http www.w3.org 1999 04 ... 1999. http devel.squid cache.org old projects.html etag Old SQUID Development projects ETag support completed in 2001 http trac.lighttpd.net trac wiki Docs 3AConfigurationOptions LighttpdCoreOptions ETag in Lighttpd http www.infoq.com articles etags Using ETags to Reduce Bandwidth & Workload with Spring ... more details
lang en . For more information see Wikipedia Secure server HTTP technical date October 2011 Hypertext Transfer Protocol Secure HTTPS is a combination of the Hypertext Transfer Protocol HTTP with the Transport ... Protocol Secure HTTP S HTTP specified in RFC 2660. Overview details Transport Layer Security HTTPS is a URI scheme which has identical syntax to the standard HTTP scheme, aside from its scheme .... SSL is especially suited for HTTP since it can provide some protection even if only one side of the communication is authentication authenticated . This is the case with HTTP transactions over ... ref Technical Difference from HTTP HTTPS URLs begin with https and use List of TCP and UDP port numbers port 443 by default, where HTTP URL s begin with http and use List of TCP and UDP port numbers port 80 by default. HTTP is unsecure and is subject to man in the middle and eavesdropping attacks ... deprecated versions of SSL . Network layers HTTP operates at the highest layer of the OSI Model , the Application layer but the security protocol operates at a lower sublayer, encrypting an HTTP message ... protocol, but refers to use of ordinary HTTP over an encryption encrypted SSL TLS connection ... ref cite web url http www.sslshopper.com article free ssl certificates from a free certificate authority.html ... accessdate 2009 10 24 ref ref cite web url http www.techrepublic.com blog networking secure outlook ... SSL Services publisher namecheap accessdate 30 jan 2012 ref and 1,500 ref cite web url http ... Chrome , Firefox , ref cite web url http www.mozilla.com en US legal privacy firefox en.html ... May 2009 ref Opera web browser Opera , ref cite news url http news.softpedia.com news Opera 8 launched ... 13 May 2009 ref and Internet Explorer on Windows Vista ref cite web url http msdn.microsoft.com en ... the browser whether or not the certificate is still valid. ref cite web url http tools.ietf.org html ... can be inferred by knowing only the intercepted request response size. ref cite web url http sysd.org ... more details
HTTP A cookie , also known as an HTTP cookie , web cookie , or browser cookie , is a piece of data stored .... ref cite web url http tools.ietf.org html rfc6265 section 3 work IETF title HTTP State Management ... computer ref Adam Penenberg. http www.slate.com id 2129656 Cookie Monsters . Slate magazine Slate ... that prompted European and US law makers to take action. ref name eulaw cite news url http www.bbc.co.uk ... 08 ref ref cite web url http adage.com article digital sen rockefeller ready a real track bill 227426 ... url http news.cnet.com 8301 10789 3 9918582 57.html first Robert last Vamosi title Gmail cookie stolen ... in June 1994. ref cite news url http www.nytimes.com 2001 09 04 technology 04COOK.html work ... a Shopping cart software virtual shopping cart . ref name ks Jey Kesan and Rajiv Shah. http .... HTTP Cookies Standards, privacy, and politics. ACM Transactions on Internet Technology, 1 2 , 151 198, 2001. doi 10.1145 502152.502153 an expanded version is freely available at http arxiv.org abs cs.SE ... , released on October 13, 1994, ref cite web url http wp.netscape.com newsref pr newsrelease1.html ... Web.archive.org date accessdate 2010 05 22 archiveurl http web.archive.org web 20061207145832 http wp.netscape.com newsref pr newsrelease1.html archivedate 2006 12 07 ref ref cite web url http ... Explorer in version 2, released in October 1995. ref cite news first Sandi last Hardmeier url http ... Engineering Task Force IETF was formed. Two alternative proposals for introducing state in HTTP transactions ... Session cookie A session cookie ref name mscookie Microsoft Support http support.microsoft.com kb ... session cookies when it quits. A session cookie is created when no HTTP cookie Expires and Max Age ... a server via HTTP Secure HTTPS , ensuring that the cookie is always encrypted when transmitting from ... ref ref name httponlyrfc IETF http tools.ietf.org html rfc6265 HTTP State Management Mechanism ... when transmitting HTTP or HTTPS requests, thus restricting access from other, non HTTP APIs such as JavaScript ... more details
HTTPHTTP header injection is a general class of web application security vulnerability which occurs when Hypertext Transfer Protocol HTTP list of HTTP headers headers are dynamically generated based on user input. Header injection in HTTP responses can allow for HTTP response splitting , Session fixation via the Set Cookie header, cross site scripting XSS , and malicious redirects attacks via the location header. HTTP header injection is a relatively new area for web based attacks, and has primarily been pioneered by Amit Klein in his work on request response smuggling splitting. Sources http lists.grok.org.uk pipermail full disclosure 2006 February 042358.html HTTP Response Smuggling http palisade.plynt.com issues 2006Sep http request smuggling HTTP Request Smuggling http www.webappsec.org lists websecurity archive 2008 04 msg00003.html File Download Injection Tools http wapiti.sf.net Wapiti Open Source Header, XSS, SQL and LDAP injection scanner Category Web security exploits Category HTTP Category HTTP headers internet stub de Header Injection ja HTTP ... more details
notability date April 2011 primarysources date April 2011 IBM HTTP Server IHS is a web server based on the Apache Software Foundation s Apache HTTP Server that runs on AIX operating system AIX , HP UX , Linux , Solaris operating system Solaris , Windows NT , and z OS . It is available for http www.software.ibm.com webservers appserv download and use free of charge but without IBM support. The HTTP server is also included in the IBM WebSphere Application Server distribution packages. The default web console administration port is 8008. Major releases IBM HTTP Server 8.0 BETA, 03 September 2009 Apache 2.2.3 based IBM HTTP Server 7.0 7.0.0.0, 15 March 2009 Apache 2.2.11 based IBM HTTP Server 6.0 6.1.0.0, 21 July 2006 Apache 2.0.47 based 6.0.2.0, 29 July 2005 Apache 2.0.47 based 6.0.1.0, 15 April 2005 See also IBM WebSphere Application Server Comparison of web servers External links http www 306.ibm.com software webservers httpservers IBM HTTP Server homepage http www 1.ibm.com support docview.wss?rs 177&uid swg27005198 IBM Recommended Updates for IBM HTTP Server http www 128.ibm.com developerworks opensource library os phphttp IBM Differences between open source apache and IHS, GSKIT overview, and info on PHP with IHS DEAD http www 1.ibm.com support docview.wss?rs 177&context SSEQTJ&dc DB520&dc DB560&uid swg21273556&loc en US&cs UTF 8&lang en&rss ct177websphere HTTP Server and its relationship to IBM WebSphere Application Server http www 1.ibm.com support docview.wss?rs 177&context SSEQTJ&dc D400&uid swg24008409&loc en US&cs UTF 8&lang en&rss ct177websphere Debugging IBM HTTP Server crashes, hangs, high CPU, startup failures IHS diagnostics package network software stub Category Web server software Category IBM software HTTP Server hu IBM HTTP Server ja IBM HTTP Server pt IBM HTTP Server ... more details
HTTPHTTP response splitting is a form of web application vulnerability computing vulnerability , resulting from the failure of the application or its environment to properly sanitize input values. It can be used to perform cross site scripting attacks, cross user defacement, web cache poisoning, and similar exploit computer security exploits . The attack consists of making the server print a carriage return CR, ASCII 0x0D line feed LF, ASCII 0x0A sequence followed by content supplied by the attacker in the List of HTTP headers header section of its response, typically by including them in input fields sent to the application. Per the Hypertext Transfer Protocol HTTP standard RFC 2616 , headers are separated by one CRLF and the response s headers are separated from its body by two. Therefore, the failure to remove CRs and LFs allows the attacker to set arbitrary headers, take control of the body, or break the response into two or more separate responses hence the name. Prevention The generic solution is to Percent encoding URL encode strings before inclusion into List of HTTP headers HTTP header s such as Location or Set Cookie . Typical examples of sanitization include Type conversion casting to integer s or aggressive regular expression replacement. Although response splitting is not specific to PHP , the PHP interpreter contains protection against the attack since version 4.4.2 and 5.1.2. ref http php.net releases 5 1 2.php PHP PHP 5.1.2. Release Announcement ref References references External links http www.webappsec.org projects threat classes http response splitting.shtml HTTP Response Splitting, The Web Application Security Consortium http wapiti.sf.net Wapiti Open Source XSS, Header, SQL and LDAP injection scanner http lwn.net Articles 303445 LWN article http cwe.mitre.org data definitions 113.html CWE 113 Failure to Sanitize CRLF Sequences in HTTP Headers HTTP ... exploits cs HTTP response splitting de HTTP Response Splitting fr S paration de r ponse HTTP ... more details
HTTPHTTP Body Data is the data bytes transmitted in an HTTP transaction message immediately following the List of HTTP headers headers if there is any in the case of http www.w3.org Protocols HTTP AsImplemented.html HTTP 0.9 no headers are transmitted . HTTP message The request response message consists of the following Request line, such as tt GET logo.gif HTTP 1.1 tt or List of HTTP status codes Status line, such as tt HTTP 1.1 200 OK tt , List of HTTP headers Headers An empty line Optional HTTP message body data The request status line and headers must all end with CR LF that is, a carriage return followed by a line feed . The empty line must consist of only CR LF and no other Whitespace computer science whitespace . The optional HTTP message body data is what this article defines. Response example This could be a response from the web server pre HTTP 1.1 200 OK Date Sun, 10 Oct 2010 23 26 07 GMT Server Apache 2.2.8 Ubuntu mod ssl 2.2.8 OpenSSL 0.9.8g Last Modified Sun, 26 Sep 2010 22 04 35 GMT ETag 45b6 834 49130cc1182c0 Accept Ranges bytes Content Length 13 Connection close Content Type text html Hello world pre See also HTTPHTTP compression List of HTTP headers List of HTTP status codes Web cache External links Web stub Semantic Web DEFAULTSORT Http Body Data Category HTTP Category Network protocols Category Web browsers Category Internet protocols Category Application layer protocols Category Open formats Category World Wide Web Consortium standards ... more details
multiple issues one source March 2011 refimprove March 2011 self published March 2011 Oracle HTTP Server OHS is a web server based on the Apache HTTP Server ref name 11gR1 cite web url http www.oracle.com technetwork middleware ias index 091236.html title Oracle HTTP Server accessdate April 28, 2011 ref ref name Devshed cite web url http www.devshed.com c a Oracle Managing the Oracle HTTP Server title Managing the Oracle HTTP Server accessdate March 22, 2011 ref , created by the Oracle Corporation Oracle Technology Network . The web server is based on Apache version 2.2 ref name adminguide cite web url http download.oracle.com docs cd E15523 01 web.1111 e10144 intro ohs.htm i1004902 title Introduction to Oracle HTTP Server accessdate April 28, 2011 ref . OHS is designed to execute faster on Windows OS machines and, like Apache 2.2, includes support for IPv6 ref http download.oracle.com docs cd E15523 01 core.1111 e10105 host.htm CHDCEIAJ OHS Administrator s Guide Section 14.5.2 Retrieved April 28, 2011 ref . Oracle Corporation Oracle distributes a free developer version and commercial versions of Oracle HTTP Server. Unlike the commercial license, the developer license only allows prototype development and explicitly prohibits even internal use. Server String to identify the Oracle HTTP Server running as webserve one can look at the serve string. example Oracle HTTP Server 1.3.28 Features Transport Layer Security SSL TLS security Virtual host Proxy Server References references network software stub Category Web server software Category Oracle software hu Oracle HTTP Server ... more details
HTTP Live Streaming also known as HLS is an HTTP based media streaming protocol computing communications ... by breaking the overall stream into a sequence of small HTTP based file downloads, each download ... standard HTTP transactions, HTTP Live Streaming is capable of traversing any Firewall computing firewall or proxy server that lets through standard HTTP traffic, unlike UDP based protocols such as Real ... for any given stream. Apple has documented HTTP Live Streaming as an Internet Draft Individual Submission ... to have been taken towards IETF standardization. ref cite web url http annevankesteren.nl 2010 09 ... 30 July 2011 ref Server implementations Anevia ViaMotion Servers support several protocols HTTP Live ... Dynamic Streaming for Flash ADS Flash , Dynamic Adaptive Streaming over HTTP MPEG DASH for targeting any device. They support both live and on demand streaming. TVersity supports HTTP Live streaming ... Universal Server from RealNetworks supports iPhone OS 3.0 and later for live and on demand HTTP Live ... Microsoft supports live and on demand Smooth Streaming and HTTP Live Streaming. Wowza Media Server from Wowza Media Systems supports live and on demand streaming. VODOBOX Live Server supports HTTP Live ... and above . Akamai supports HTTP Dynamic Streaming for live and on demand streams. Level 3 supports HTTP Dynamic Streaming for live and on demand streams. Telly supports HTTP Live Streaming of ATSC HDTV from Windows PC to iPhone, iPod, and iPad. VLC Media Player supports HTTP Live Streaming for serving ... url http wiki.videolan.org Documentation Streaming HowTo Streaming for the iPhone publisher ... Flash Media Server product supporting HTTP Live Streaming at the NAB Show in April 2011 Apple Inc. used ... numerous TV channels such as France 24 , RT TV network RT , and Al Jazeera English . http m.livestation.com channels Microsoft added support for HTTP Live Streaming in IIS Media Services 4.0. ref name IISMS4 cite web title First Look Microsoft IIS Media Services 4 url http www.streamingmedia.com ... more details
external links date February 2011 Unreferenced date June 2008 An embedded HTTP server is a component of a software system that implements the Hypertext Transfer Protocol HTTP protocol. Examples of usage within an application might be To provide a thin client interface for a traditional application.. To provide indexing dn date January 2012 , reporting , and debugging tools during the development stage. To implement a protocol for the distribution and acquisition of information to be displayed in the regular interface possibly a web service , and possibly using XML as the data format. To develop a web application There are a few advantages to using HTTP to perform the above HTTP is a well studied cross platform protocol and there are mature implementations freely available. HTTP is seldom blocked by firewalls and intranet routers. HTTP clients e.g. web browser s are readily available with all modern computers. There is a growing tendency of using embedded HTTP servers in applications that parallels the rising trends of home networking and ubiquitous computing . Typical requirements Natural limitations of the platforms where an embedded HTTP server runs contribute to the list of the functional requirements of the embedded, or more precise, embeddable HTTP server. Some of these requirements Small RAM and Read only memory ROM footprint. The exact size depends on the system, but in many cases anything over several megabytes is not embeddable. Minimal CPU utilization. Cross compilation support for multiple CPU and operating system combinations. Easy integration with an existing application, including static linking with the operating system and application. Serving pages from application memory if there is no file system. Modularity. Single thread and multi thread support. For every specific project requirements can vary significantly. For example, ROM and RAM footprints can ... typical embedded systems run multiple simultaneous tasks and an HTTP server is only one of them and may ... more details
HTTPHTTP persistent connection , also called HTTP keep alive , or HTTP connection reuse , is the idea of using the same Transmission Control Protocol TCP connection to send and receive multiple HTTP request ... Under HTTP 1.0 , there is no official specification for how keepalive operates. It was, in essence ... is over, and one of them drops the connection. In HTTP 1.1 all connections are considered persistent unless declared otherwise. ref http tools.ietf.org html rfc2616 section 8.1 Persistent HTTP Connections in RFC 2616 Hypertext Transfer Protocol HTTP 1.1 ref The HTTP persistent connections do not use ..., the default connection timeout of Apache 2.0 httpd ref http httpd.apache.org docs 2.1 mod core.html keepalive Apache HTTP Server KeepAlive Directive ref is as little as 15 seconds ref http httpd.apache.org docs 2.0 mod core.html keepalivetimeout Apache HTTP Server 2.0 KeepAliveTimeout Directive ref and for Apache 2.2 only 5 seconds. ref http httpd.apache.org docs 2.2 mod core.html keepalivetimeout Apache HTTP Server 2.2 KeepAliveTimeout Directive ref The advantage of a short timeout is the ability ... or threads for too long. ref cite web url http docforge.com wiki Httpd KeepAlive title Httpd KeepAlive ... usage because fewer connections are open simultaneously Enables HTTP pipelining of requests and responses ... are intended to improve HTTP response times, avoid congestion. If HTTP pipelining is correctly ... Gettys first2 James last3 et. al. title Network Performance Effects of HTTP 1.1, CSS1, and PNG journal Computer Communication Review volume 27 issue 4 date September 17, 1997 month October url http conferences.sigcomm.org ... 01 23 accessdate 2011 09 23 title HTTP KeepAlive Considered Harmful url http mocko.org.uk b 2011 01 23 http keepalive considered harmful ref For services where single documents are regularly requested ... browsers Image HTTP persistent connection.svg thumb 300px Schema of multiple vs. persistent connection ... some form of LRU algorithm . ref cite web url http www.cs.wisc.edu cao papers persistent connection.html ... more details
Videos
top
