dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Renamed to httpbasics

Browse Source
This commit is contained in:
Àngel Ollé Blázquez
2022-07-30 19:33:26 +02:00
parent 25948306bd
commit 08ce1add01
12 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
src/main/resources/lessons/httpbasics/documentation/HttpBasics_plan.adoc Normal file
View File

@ -0,0 +1,28 @@
= HTTP Basics
== Concept
This lesson presents the basics for understanding the transfer of data between the browser and the web application and how to trap a request/response with a HTTP proxy.
== Goals
The user should become familiar with the features of WebGoat by manipulating the above
buttons to view hints, show the HTTP request parameters, the HTTP request cookies, and the Java source code. You may also try using
link:https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project[OWASP Zed Attack Proxy] for the first time.
=== How HTTP works:
All HTTP transactions follow the same general format. Each client request and server response has three parts: the request or response line, a header section and the entity body.
The client initiates a transaction as follows:
* The client contacts the server and sends a document request. A GET request can have url parameters and those parameters will be available in the web access logs.
** GET /index.html?param=value HTTP/1.0
* Next, the client sends optional header information to inform the server of its configuration and the document formats it will accept.
** User-Agent: Mozilla/4.06 Accept: image/gif,image/jpeg, */*
* In a POST request, the user supplied data will follow the optional headers and is not part of the contained within the POST URL.