HTTP Request Message Format
The blank line is a required part of the request format: it ends the header section, and whatever follows it is the request body. A specific HTTP request message looks like this:
```
GET /su?wd=www.&action=opensearch&ie=UTF-8 HTTP/1.1
Host: suggestion.baidu.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Cookie: BAIDUID=C2208EC4A287F1C78E1868E06C12C32F:FG=1; BIDUPSID=B7762029AFC604941206D91099D1D897; PSTM=1545827421; BDUSS=WFMRW5qRVBQRDhxNDN0UEpSMlJzZWhJTklITGY3eUVmLTFFeX5iNzY3RDQ1MHRjQVFBQUFBJCQAAAAAAAAAAAEAAACOM48~1tzR9DEyMzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPhaJFz4WiRcd; BDORZ=B490B5EBF6F3CD402E515D22BCDA1598; H_PS_PSSID=1468_27209_21093_18559_28328_28131_26350_28266_27245; PSINO=7; delPer=0
```
The method in the request line is one of GET, POST, HEAD, and so on.
- The GET method is used to retrieve the resource specified by the URL. When using the GET method, you can attach request parameters and their values to the URI, separating the URI from the parameters with a question mark ("?") and the parameters from each other with an ampersand ("&"). It is generally suitable when the request information is relatively short. Because the parameters are part of the URL, the information they carry is also exposed.
- The POST method is generally used for form data that the client submits to the server. File uploads should also use POST. POST also hides information better than GET, because the parameters travel in the request body rather than in the URL.
- The HEAD method is similar to GET but without the response body.
URI stands for Uniform Resource Identifier, which is an extension of URL. The URIs we use in the HTTP protocol are actually URLs.
The version refers to the version of the HTTP protocol, such as HTTP/1.1 in the Baidu request above.
- Host refers to the server address that receives the request, usually in the form of an IP address or domain name.
- Connection refers to the connection attribute, which is a "persistent connection" with Baidu in this case.
- User-Agent refers to the application making the request. In this example, the Chrome browser is used.
- Accept-Encoding indicates the compression formats the client can accept.
- Accept-Language indicates the language types the client accepts.
- Cookie is commonly used to identify the requester.
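The request format described above can be checked with a small parser. This is an added example, not code from the original page: it splits a raw request at the blank line, parses the request line and headers, and shows that GET parameters sit in the request line while POST form fields sit in the body. The POST sample, its /login path and example.test host are constructed for illustration.

```python
from urllib.parse import parse_qsl, urlsplit

# Constructed samples with CRLF line endings, as sent on the wire.
GET_REQ = (b"GET /su?wd=www.&action=opensearch&ie=UTF-8 HTTP/1.1\r\n"
           b"Host: suggestion.baidu.com\r\n"
           b"Connection: keep-alive\r\n"
           b"\r\n")
POST_REQ = (b"POST /login HTTP/1.1\r\n"  # hypothetical endpoint
            b"Host: example.test\r\n"
            b"Content-Type: application/x-www-form-urlencoded\r\n"
            b"Content-Length: 23\r\n"
            b"\r\n"
            b"user=alice&token=s3cr3t")


def parse_request(raw: bytes) -> dict:
    """Split a raw HTTP/1.x request into request line, headers and body."""
    head, blank, body = raw.partition(b"\r\n\r\n")
    if not blank:
        raise ValueError("no blank line: the header section never ends")
    request_line, *header_lines = head.decode("iso-8859-1").split("\r\n")
    parts = request_line.split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        raise ValueError("malformed request line")
    method, target, version = parts
    headers = {}
    for line in header_lines:
        name, colon, value = line.partition(":")
        # No whitespace is allowed between the field name and the colon.
        if not colon or not name or name != name.strip():
            raise ValueError(f"malformed header line: {line!r}")
        headers[name.lower()] = value.strip()
    if int(headers.get("content-length", "0")) != len(body):
        raise ValueError("Content-Length does not match the body size")
    url = urlsplit(target)
    return {"method": method, "path": url.path, "version": version,
            "headers": headers, "body": body,
            "url_params": dict(parse_qsl(url.query, keep_blank_values=True))}


def body_params(req: dict) -> dict:
    """Decode form fields carried after the blank line (POST-style)."""
    ctype = req["headers"].get("content-type", "")
    if ctype.startswith("application/x-www-form-urlencoded"):
        return dict(parse_qsl(req["body"].decode(), keep_blank_values=True))
    return {}


if __name__ == "__main__":
    for raw in (GET_REQ, POST_REQ):
        req = parse_request(raw)
        print(req["method"], req["path"], req["url_params"], body_params(req))
```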
HTTP Response Message Format
When a client makes an HTTP request, the server sends a response message back to the client after receiving it. The format of the response message is as follows:
```
HTTP/1.1 200 OK
Date: Sat, 19 Jan 2019 07:34:02 GMT
Server: suggestion.baidu.zbb.df
Content-Length: 99
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private
Expires: Sat, 19 Jan 2019 08:34:02 GMT
Content-Encoding: gzip
Connection: Keep-Alive
```
The first line of the response message contains very important information: the HTTP status code. In HTTP/1.1 200 OK above, 200 is the status code the server returned to the client; 200 means success. An HTTP status code consists of three digits, and the first digit sorts the codes into five classes.
- 1XX: Informational. Indicates that the request has been received by the server but needs further processing, ranging from 100 to 101.
- 2XX: Success. The server successfully processed the request. Ranges from 200 to 206.
- 3XX: Client redirection. The redirection status code is used to inform client browsers that the resource they are accessing has been moved and tells the client the new resource location. After receiving the redirection, the client will re-request the new resource. Ranges from 300 to 305.
- 4XX: Client error. The client might have sent something the server can't process, such as a request with the wrong format or a request for a non-existent resource. Ranges from 400 to 415.
- 5XX: Server error. The client sent a valid request, but the server encountered an error, such as a web program error. Ranges from 500 to 505.
Some common status codes are as follows:
200: Request successful
404: Requested resource not found
400: The request cannot be understood by the server
500: Internal server error
- Server: Name of the web server being used. Attackers can use this header to find out which web server software is running, so the server side usually modifies its value, as Baidu does here.
- Cache-Control specifies the client's cache policy for the webpage.
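A defender can check their own responses for the Server header disclosure described above. This is an added example, not code from the original page: it parses the status line into the five classes and flags banner headers that carry a product/version token. The second response and the inclusion of X-Powered-By are assumptions added for illustration.

```python
import re

# Header section taken from the response above, rebuilt with CRLF line endings.
BAIDU = ("HTTP/1.1 200 OK\r\n"
         "Server: suggestion.baidu.zbb.df\r\n"
         "Content-Type: text/javascript; charset=UTF-8\r\n"
         "Cache-Control: private\r\n\r\n")
# Constructed response from a server left on its default banner.
DEFAULT = ("HTTP/1.1 500 Internal Server Error\r\n"
           "Server: Apache/2.4.41 (Ubuntu)\r\n"
           "X-Powered-By: PHP/7.4.3\r\n\r\n")

STATUS_CLASSES = {1: "Informational", 2: "Success", 3: "Client redirection",
                  4: "Client error", 5: "Server error"}
# A product/version token such as "nginx/1.18.0".
VERSION_TOKEN = re.compile(r"[A-Za-z][\w.-]*/\d[\w.]*")
# X-Powered-By is not discussed on the page; it is included as an assumption.
BANNER_HEADERS = ("server", "x-powered-by")


def parse_response_head(raw: str):
    """Return (status code, status class, [(header name, value), ...])."""
    head, blank, _ = raw.partition("\r\n\r\n")
    if not blank:
        raise ValueError("no blank line after the headers")
    status_line, *header_lines = head.split("\r\n")
    m = re.fullmatch(r"HTTP/\d\.\d (\d{3})(?: .*)?", status_line)
    if not m or int(m.group(1)) // 100 not in STATUS_CLASSES:
        raise ValueError("malformed status line")
    code = int(m.group(1))
    headers = []
    for line in header_lines:
        name, colon, value = line.partition(":")
        if not colon:
            raise ValueError(f"malformed header line: {line!r}")
        headers.append((name, value.strip()))
    return code, STATUS_CLASSES[code // 100], headers


def banner_findings(raw: str):
    """List banner headers whose value reveals a product and version."""
    _, _, headers = parse_response_head(raw)
    return [(n, v) for n, v in headers
            if n.lower() in BANNER_HEADERS and VERSION_TOKEN.search(v)]


if __name__ == "__main__":
    for sample in (BAIDU, DEFAULT):
        print(parse_response_head(sample)[:2], banner_findings(sample))
```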
Request information and response information can be captured and obtained with Wireshark, and the specific method is as follows.
Wireshark can be downloaded online, and any version will do. After installing it, open the software. You will see the following interface:
The entry whose traffic graph is fluctuating is the interface you use to access the network; for example, mine uses WLAN. Choose according to your situation and double-click the one you selected. Then the following interface will pop up:
Enter http in the display filter box, then open a website in your browser, such as Baidu. You can then find the HTTP connection in the list below. Click the red square on the interface to stop capturing. As follows:
Select any one, then right-click and proceed as shown in the figure below:
The following window will then pop up. The red part is the request, and the blue part is the response.