Every URL is also a URI, but there are URIs which are not URLs.
<protocol(scheme)> :// <user> : <pass> @ <host> : <port> / <path> ? <query> # <frag>
/var/www/
http://www.example.com/1.html → /var/www/1.html
http://www.example.com/1/2/3.jpg → /var/www/1/2/3.jpg
http://www.example.com/1/2/../3.jpg → /var/www/1/3.jpg
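The mapping above as an added example (not from the original slides): a resolver that removes dot segments the way the third URL shows and refuses any path that would climb above the document root. The function name and the choice to reject rather than clamp are assumptions of this example.

```python
import posixpath
from urllib.parse import unquote, urlsplit

DOCUMENT_ROOT = "/var/www"  # the document root shown above


def map_url_to_file(url, root=DOCUMENT_ROOT):
    """Return the file path a URL maps to, or None if it would leave root."""
    # Percent-decode first so an encoded "%2e%2e" is handled like "..".
    path = unquote(urlsplit(url).path)
    if "\x00" in path:
        return None  # NUL bytes never belong in a file path
    kept = []
    for segment in path.split("/"):
        if segment in ("", "."):
            continue  # empty and "." segments do not change the location
        if segment == "..":
            if not kept:
                return None  # ".." at the top would escape the document root
            kept.pop()
        else:
            kept.append(segment)
    return posixpath.join(root, *kept)


if __name__ == "__main__":
    # The three URLs from the slide plus two constructed escape attempts.
    for sample in (
        "http://www.example.com/1.html",
        "http://www.example.com/1/2/3.jpg",
        "http://www.example.com/1/2/../3.jpg",
        "http://www.example.com/../outside.txt",
        "http://www.example.com/1/%2e%2e/%2e%2e/outside.txt",
    ):
        print(sample, "→", map_url_to_file(sample))
```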
name=value format
A simple HTTP Request & Response Service.
This may be case sensitive or not.
~ → 126 → %7E
https://ganj.irandoc.ac.ir/api/v1/search/main?keywords=hellow%20world
2950 113.658623720 192.168.73.191 3.220.112.94 TCP 74 59890 → 80 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 SACK_PERM=1 TSval=335902154 TSecr=0 WS=128
2956 113.848038152 3.220.112.94 192.168.73.191 TCP 74 80 → 59890 [SYN, ACK] Seq=0 Ack=1 Win=26847 Len=0 MSS=1460 SACK_PERM=1 TSval=1360379473 TSecr=335902154 WS=256
2957 113.848146169 192.168.73.191 3.220.112.94 TCP 66 59890 → 80 [ACK] Seq=1 Ack=1 Win=64256 Len=0 TSval=335902344 TSecr=1360379473
2958 113.848626070 192.168.73.191 3.220.112.94 HTTP 503 GET /bytes/1378 HTTP/1.1
2962 114.079894429 3.220.112.94 192.168.73.191 TCP 66 80 → 59890 [ACK] Seq=1 Ack=438 Win=28160 Len=0 TSval=1360379525 TSecr=335902344
2963 114.080912334 3.220.112.94 192.168.73.191 HTTP 1683 HTTP/1.1 200 OK
2964 114.080950090 192.168.73.191 3.220.112.94 TCP 66 59890 → 80 [ACK] Seq=438 Ack=1618 Win=62720 Len=0 TSval=335902576 TSecr=1360379526
GET /index.html HTTP/1.1
Host: www.aut.ac.ir
User-Agent: Mozilla/36.0
Accept-Language: en-us
Connection: keep-alive
Method<sp>Path<sp>Version<CRLF>
Header-Field:Header-Value<CRLF>
...
Header-Field:Header-Value<CRLF>
<CRLF>
Entity-Body
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2018 20:30:40
Server: Apache/2.2.2
Last-Modified: Mon, 03 May 2017 10:20:22
Connection: keep-alive
Content-Length: 3000
data data data ...
Version<sp>Code<sp>Reason<CRLF>
Header-Field:Header-Value<CRLF>
...
Header-Field:Header-Value<CRLF>
<CRLF>
Entity-Body
GET /cookies/set?name=parham&family=alvani HTTP/1.1
Host: httpbin.org
HTTP/1.1 302 FOUND
Date: Mon, 07 Sep 2020 05:19:50 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 223
Connection: keep-alive
Server: gunicorn/19.9.0
Location: /cookies
Set-Cookie: name=parham; Path=/
Set-Cookie: family=alvani; Path=/
GET /cookies HTTP/1.1
Host: httpbin.org
Cookie: name=parham; family=alvani
HTTP/1.1 200 OK
Date: Mon, 07 Sep 2020 05:23:53 GMT
Content-Type: application/json
Content-Length: 58
Connection: keep-alive
Server: gunicorn/19.9.0
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
{
  "cookies": {
    "family": "alvani",
    "name": "parham"
  }
}
If SameSite=None is set, the cookie Secure attribute must also be set (or the cookie will be blocked).
Neither Strict nor Lax is a complete solution for your site's security. Cookies are sent as part of the user's request and you should treat them the same as any other user input. That means sanitizing and validating the input. Never use a cookie to store data you consider a server-side secret.
The Cache-Control HTTP/1.1 general-header field is used to specify directives for caching mechanisms in both requests and responses.
The maximum amount of time a resource will be considered fresh.
Cache-Control: max-age=<seconds>
The cache should not store anything about the client request or server response.
Cache-Control: no-store
A cache will send the request to the origin server for validation before releasing a cached copy.
Cache-Control: no-cache
If-Modified-Since: current last-modified time
If-None-Match: the server will send back the requested resource, with a 200 status, only if it doesn't have an ETag matching the given ones.
The ETag HTTP response header is an identifier for a specific version of a resource.
user:pass
[The username itself cannot contain a colon]
GET /basic-auth/admin/admin HTTP/1.1
Host: httpbin.org
Authorization: Basic YWRtaW46YWRtaW4=
HTTP/1.1 200 OK
Date: Mon, 07 Sep 2020 14:14:25 GMT
Content-Type: application/json
Content-Length: 48
Connection: keep-alive
Server: gunicorn/19.9.0
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
{
  "authenticated": true,
  "user": "admin"
}
WWW-Authenticate: Digest realm="testrealm@host.com",
qop="auth,auth-int",
nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093",
opaque="5ccc069c403ebaf9f0171e9517f40e41"
HA1 = MD5(username:realm:password)
HA2 = MD5(method:digestURI)
response = MD5(HA1:nonce:HA2)
Authorization: Digest username="Mufasa",
realm="testrealm@host.com",
nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093",
uri="/dir/index.html",
qop=auth,
nc=00000001,
cnonce="0a4f113b",
response="6629fae49393a05397450978507c4ef1",
opaque="5ccc069c403ebaf9f0171e9517f40e41"
hash(pass, nonce)
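The Digest exchange above, worked through as an added example (not code from the original slides). The Authorization header carries qop=auth, so the response also folds in nc, cnonce and qop as RFC 2617 specifies; the three-term formula shown is the form used when qop is absent. The password "Circle Of Life" is the one RFC 2617 uses for this sample exchange and does not appear on the page; the function names are assumptions.

```python
import hashlib
import hmac

# Field values copied from the Authorization header shown above.
FIELDS = {
    "username": "Mufasa",
    "realm": "testrealm@host.com",
    "nonce": "dcd98b7102dd2f0e8b11d0f600bfb0c093",
    "uri": "/dir/index.html",
    "qop": "auth",
    "nc": "00000001",
    "cnonce": "0a4f113b",
    "response": "6629fae49393a05397450978507c4ef1",
}
RFC_SAMPLE_PASSWORD = "Circle Of Life"  # assumption: RFC 2617 sample, not on the page


def md5_hex(text):
    return hashlib.md5(text.encode("utf-8")).hexdigest()


def digest_response(fields, method, password):
    """Compute the response value expected for a Digest Authorization header."""
    ha1 = md5_hex(f"{fields['username']}:{fields['realm']}:{password}")
    ha2 = md5_hex(f"{method}:{fields['uri']}")
    qop = fields.get("qop")
    if qop is None:
        # Form without qop: MD5(HA1:nonce:HA2)
        return md5_hex(f"{ha1}:{fields['nonce']}:{ha2}")
    if qop != "auth":
        raise ValueError("this example only handles qop=auth")
    # qop=auth: the request counter and client nonce are hashed in as well,
    # which binds the response to this particular request.
    return md5_hex(
        f"{ha1}:{fields['nonce']}:{fields['nc']}:{fields['cnonce']}:{qop}:{ha2}"
    )


def server_accepts(fields, method, password):
    """Server-side check: recompute the response and compare in constant time."""
    expected = digest_response(fields, method, password)
    return hmac.compare_digest(expected, fields["response"])


if __name__ == "__main__":
    print(digest_response(FIELDS, "GET", RFC_SAMPLE_PASSWORD))
    print(server_accepts(FIELDS, "GET", RFC_SAMPLE_PASSWORD))
```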
give access to the bearer of this token.
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.
eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IlBhcmhhbSBBbHZhbmkiLCJpYXQiOjE1MTYyMzkwMjIsInByb2plY3QiOiJhbiBhd2Vzb21lIHByb2plY3QifQ.
gWWHu5Ps_F6lbqJRBXkNjEk_-0QdLhN9l2MNjWOcj90
{
  "alg": "HS256",
  "typ": "JWT"
}
{
  "sub": "1234567890",
  "name": "Parham Alvani",
  "iat": 1516239022,
  "project": "an awesome project"
}
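How the three dot-separated parts of the HS256 token above fit together, as an added example that is not part of the original slides: the signature is an HMAC-SHA256 over the first two parts, and a verifier must pin the algorithm rather than trust the header. The key is a constructed sample (the page does not give the secret for its token), and the function names are assumptions.

```python
import base64
import hashlib
import hmac
import json

DEMO_KEY = b"constructed-demo-key-not-from-the-page"  # assumption: sample secret


def b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def b64url_decode(part):
    # JWT strips the "=" padding; restore it before decoding.
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))


def sign_hs256(claims, key):
    """Build base64url(header).base64url(payload).base64url(mac)."""
    header = {"alg": "HS256", "typ": "JWT"}
    signing_input = ".".join(
        b64url_encode(json.dumps(obj, separators=(",", ":")).encode("utf-8"))
        for obj in (header, claims)
    )
    mac = hmac.new(key, signing_input.encode("ascii"), hashlib.sha256).digest()
    return signing_input + "." + b64url_encode(mac)


def verify_hs256(token, key):
    """Return the claims only if the HS256 signature checks out, else None."""
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(b64url_decode(header_b64))
        signature = b64url_decode(sig_b64)
        signed = f"{header_b64}.{payload_b64}".encode("ascii")
    except ValueError:
        return None  # wrong number of parts, bad base64 or bad JSON
    # Pin the algorithm on the server side; never let the token choose it.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        return None
    expected = hmac.new(key, signed, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, signature):
        return None
    return json.loads(b64url_decode(payload_b64))
```

Anyone can base64url-decode the header and payload, so the claims are readable without the key; only the signature check makes them trustworthy.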
{
  "alg": "RS512",
  "kid": "z8a4l4oOFEqgehRYDBZP+fprPnLDLmabkslOxVVpLNE",
  "typ": "JWT"
}
{
  "aud": [
    "passenger"
  ],
  "email": "parhamalvani@gmail.com",
  "exp": 1646469738,
  "iat": 1645260138,
  "iss": 1,
  "jti": "2NFKm5FfEey65wIArBQAz289hDgf/E0gjnyXrNCM0v4",
  "sid": "25JzmlUBAwtMfQvT7qmOalw5M7p",
  "sub": "KpQxO5glyv04Ad1"
}