2.5 HTTP method to inform the server of intention
In this chapter, we will learn a lot about the methods used in HTTP. First, take a look at the chart
| method | explain | Supported HTTP versions |
|---|---|---|
| GET | Get resources | 1.0,1.1 |
| POST | Transport entity principal | 1.0,1.1 |
| PUT | transfer files | 1.0,1.1 |
| HEAD | Get message header | 1.0,1.1 |
| DELETE | Delete file | 1.0,1.1 |
| OPTIONS | Ask for support | 1.1 |
| TRACE | Tracking path | 1.1 |
| CONNECT | Tunnel protocol connection proxy is required | 1.1 |
| LINK | Establish links with resources | 1.0 |
| UNLINK | Disconnect | 1.0 |
1.GET: get resources
The GET method is used to request access to a resource that has been identified by the URI. The content of the response returned after the specified resource is parsed by the server.
If the requested resource is text, return it as it is; If it is a program like CGI, the output result after execution is returned.
CGI - Common Gateway Interface
Take two examples of GET requests:
--------------------------------------------------------------
request GET/index.html HTTP/1.1
Host:www.hack.jp
Response return index.html Page resources for
--------------------------------------------------------------
request GET/index.html HTTP/1.1
Host:www.hackr.jp
If-Modified-Since:Thu, 12 Jul 2012 07:30:00 GMT
The response only returns those updated after 7:30 on July 12, 2012 index.html Page resources.
If there is no content update, the status code 304 is displayed Not Modified Returned as a response.
---------------------------------------------------------------
2.POST: transfer entity principal
Although the GET method can also be used to transfer the entity body, the GET method is generally not used for transmission, but the POST method is used.
Although the two functions are similar, the main purpose of POST is not to obtain the main content of the response.
An example of using the POST method to obtain a response:
-------------------------------------------
request POST/submit.cgi HTTP/1.1
Host:www.hackr.jp
Content-Length:1560(1560 Bytes of data)
Response return submit.cgi Processing results of received data
-------------------------------------------
3.PUT: transfer file
The PUT method is used to transfer files, just like file upload in FTP protocol. It requires that the file content be included in the body of the message, and then saved to the location specified in the request URI.
However, because the PUT method of HTTP/1.1 does not have an authentication mechanism, anyone can upload files, which has security problems. Therefore, Web sites generally do not use this method.
Examples of request and response using PUT method:
--------------------------------------------------------------
request PUT/example.html HTTP/1.1
Host:www.hackr.jp
Content-Type:text/html
Content-Length:1560(1560 Byte data)
Response return status code 204 No Content(For example: the html (already exists on server)
--------------------------------------------------------------
4.HEAD: get message header
The HEAD method is the same as the GET method, except that it does not return the main part of the message.
It is used to confirm the validity of URI and the date and time of resource update.
Examples of requests and responses using the HEAD method:
----------------------------------
request HEAD/index.html HTTP/1.1
Host:www.hackr.jp
Response return index.html Related response header
----------------------------------
5.DELETE: delete a file
The DELETE method is used to DELETE files. It is the opposite of PUT
However, general Web sites do not use the DELETE method, because the DELETE method, like the PUT method, does not have an authentication mechanism=-=|||
Example of request and response using DELETE method
---------------------------------
request DELETE/example.html HTTP/1.1
Host:www.hackr.jp
Response return status code 204 No Content
---------------------------------
6.OPTIONS: query the supported methods
This method is used to query the resource support method specified for the request URI.
-----------------------------------------------------
request OPTIONS * HTTP/1.1
HOST:www.hackr.jp
response HTTP/1.1 200 OK
Allow:GET,POST,HEAD,OPTIONS(Returns the methods supported by the server)
-----------------------------------------------------
7.TRACE: trace path
TRACE method is a method that allows the Web server to return the previous request communication to the client.
However, TRACE method is not commonly used, and it is easy to cause XST attacks. It is usually not used.
The full name of XST is cross site tracing
This method QWQ will not be repeated here
8.CONNECT: it is required to connect the agent with tunnel protocol
The CONNECT method requires to establish a tunnel when communicating with the proxy server to realize TCP communication with the tunnel protocol.
It mainly uses SSL and TLS protocol to encrypt the communication content and transmit it through network tunnel.
SSL - Secure Sockets Layer
TLS - Transport Layer Security
The format of the CONNECT method is as follows
------------------------------------------
request CONNECT porxy.hackr.jp:8080 HTTP/1.1
Host: proxy.hack.jp
response Http/1.1 200 OK(Then enter the network tunnel)
------------------------------------------
Among these methods, UNLINK and LINK have been abandoned, so I won't repeat it here!