HTTP is the main communication protocol to access WWW and this protocol is used by almost all web applications. This is a connectionless protocol and it is a message based protocol means user sends a request message and server returns a response message.
HTTP request consists of different headers each on a separate line and each headers has its own different meaning. Here we have designed a very basic form to check the response and request packets.
we setup the proxy and then we open the burp suite to capture request packet.
This is what a typical request packet looks like .
first line indicates the HTTP method . Most web applications uses GET method ,
GET method is used to retrieve resources from the web server. GET request has no message body
next is the URL with an extra perimeter of what the client is passing to that server . This example contains nam1=haclabs&bttn=Submit+Query
next thing is HTTP/1.1 ,means the HTTP version being used.
Host is nothing but the host URL itself.
Next is user-agent header which is used the provide the information about the browser or the client software that generated the request.
Accept tells the server what kind of content client is willing to accept.
Accept-Encoding tells server what kind of encoding client is willing to accept.
Referer header is used to specify the URL from where the request originated.
Connection tells the other end of the communication whether it should close the TCP connection after HTTP transmission is completed ot keep it alive for further messages.
The “upgrade-insecure-requests” Content Security Policy header is used to tell browsers to request things using HTTPS rather than HTTP. It is sometimes referred to as a way to automatically fix mixed content issues when migrating to HTTPS
The only difference between GET and POST request packet is that GET request has no message body where as POST request has a message body so it is a little bit secured then GET request.
we can see the difference clearly between the GET and POST request method from the images.
This is a small introduction about HTTP request.