webgoat
main
project
JavaSource
WebContent
META-INF
WEB-INF
css
database
images
javascript
lesson_plans
AccessControlMatrix.html
BackDoors.html
BasicAuthentication.html
BlindSqlInjection.html
BufferOverflow.html
CSRF.html
ChallengeScreen.html
CommandInjection.html
CrossSiteScripting.html
DOMInjection.html
DOS_Login.html
Encoding.html
FailOpenAuthentication.html
ForcedBrowsing.html
ForgotPassword.html
HiddenFieldTampering.html
HtmlClues.html
HttpBasics.html
HttpOnly.html
HttpSplitting.html
JSONInjection.html
JavaScriptValidation.html
Lesson_Plan_Template.html
LogSpoofing.html
NewLesson.html
PathBasedAccessControl.html
ReflectedXSS.html
RemoteAdminFlaw.html
RoleBasedAccessControl.html
SilentTransactions.html
SoapRequest.html
SqlNumericInjection.html
SqlStringInjection.html
StoredXss.html
ThreadSafetyProblem.html
TraceXSS.html
UncheckedEmail.html
WSDLScanning.html
WeakAuthenticationCookie.html
WeakSessionID.html
WelcomeScreeen.html
WsSAXInjection.html
WsSqlInjection.html
XMLInjection.html
XPATHInjection.html
lesson_template
lessons
users
main.jsp
sideWindow.jsp
webgoat.jsp
webgoat_challenge.jsp
doc
build.xml
HOW TO create the WebGoat workspace.txt
WAR Installation Instructions.txt
build.xml
eclipse.bat
readme.txt
webgoat.bat
webgoat.sh
webgoat_8080.bat
webscarab.bat
98949c00d8
git-svn-id: http://webgoat.googlecode.com/svn/trunk@15 4033779f-a91e-0410-96ef-6bf7bf53c507
27 lines
1.5 KiB
HTML
27 lines
1.5 KiB
HTML
<div align="Center">
|
|
<p><b>Lesson Plan Title:</b> Http Basics </p>
|
|
</div>
|
|
|
|
<p><b>Concept / Topic To Teach:</b> </p>
|
|
This lesson presents the basics for understanding the transfer of data between the browser and the web application.<br>
|
|
<div align="Left">
|
|
<p>
|
|
<b>How HTTP works:</b>
|
|
</p>
|
|
All HTTP transactions follow the same general format. Each client request and server response has three parts: the request or response line, a header section, and the entity body. The client initiates a transaction as follows: <br>
|
|
<br>
|
|
The client contacts the server and sends a document request <br>
|
|
</div>
|
|
<br>
|
|
<ul>GET /index.html?param=value HTTP/1.0</ul>
|
|
Next, the client sends optional header information to inform the server of its configuration and the document formats it will accept.<br>
|
|
<br>
|
|
<ul>User-Agent: Mozilla/4.06 Accept: image/gif,image/jpeg, */*</ul>
|
|
After sending the request and headers, the client may send additional data. This data is mostly used by CGI programs using the POST method.<br>
|
|
<p><b>General Goal(s):</b> </p>
|
|
<!-- Start Instructions -->
|
|
Enter your name in the input field below and press "go" to submit. The server will accept the request, reverse the input, and display it back to the user, illustrating the basics of handling an HTTP request.
|
|
<br/><br/>
|
|
The user should become familiar with the features of WebGoat by manipulating the above
|
|
buttons to view hints, show the HTTP request parameters, the HTTP request cookies, and the Java source code.
|
|
<!-- Stop Instructions --> |