[PHP] http protocols defining what gets sent between web server and browser
hi... this might not be a php question but might still provide interest... I'm working on a project, and need to know if there's anyone who's a guru with Web Server/Client interactions. Basically, I'm trying to get a much better/deeper understanding of the HTTP protocols defining the information that is sent/transfered between the web server/client browser apps. I'm interested in understanding what the various information is that gets transfered between the apps, as well as understanding what information can be spoofed/altered on the client side, as it goes back to the server. I know you can get the querystring information from the get/put/request/etc... I'm more interested in any other information that gets transferred as potentially part of the header structure, like machine id, mac address, date/time, etc I'm interested in whether this can be spoofed/altered, and potentially rendered invalid by a 'man in the middle' type of attack. Searching google isn't getting me what i really want!! So, if you have the skills/expertise in this area, and you're willing to talk to me for a few minutes, I'd appreciate it. As stated, the underlying reason for the questions is to get a better understanding of 'man in the middle attacks' as this applies to web server apps. Thanks bruce [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] http protocols defining what gets sent between web server and browser
I find the LiveHTTPHeaders extension for firefox to be very good for this kind of thing. http://livehttpheaders.mozdev.org/ It gives you a realistic (as opposed to theoretical) view of exactly what is being sent between the browser and the server. Networking details that you listed like the mac address are handled in the networking layer rather than by the browser, you probably also want to look up TCP/IP headers. David bruce wrote: hi... this might not be a php question but might still provide interest... I'm working on a project, and need to know if there's anyone who's a guru with Web Server/Client interactions. Basically, I'm trying to get a much better/deeper understanding of the HTTP protocols defining the information that is sent/transfered between the web server/client browser apps. I'm interested in understanding what the various information is that gets transfered between the apps, as well as understanding what information can be spoofed/altered on the client side, as it goes back to the server. I know you can get the querystring information from the get/put/request/etc... I'm more interested in any other information that gets transferred as potentially part of the header structure, like machine id, mac address, date/time, etc I'm interested in whether this can be spoofed/altered, and potentially rendered invalid by a 'man in the middle' type of attack. Searching google isn't getting me what i really want!! So, if you have the skills/expertise in this area, and you're willing to talk to me for a few minutes, I'd appreciate it. As stated, the underlying reason for the questions is to get a better understanding of 'man in the middle attacks' as this applies to web server apps. Thanks bruce [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] http protocols defining what gets sent between web server and browser
On Wed, Nov 23, 2005 at 04:53:50PM -0800, bruce wrote: hi... this might not be a php question but might still provide interest... I'm working on a project, and need to know if there's anyone who's a guru with Web Server/Client interactions. Basically, I'm trying to get a much better/deeper understanding of the HTTP protocols defining the information that is sent/transfered between the web server/client browser apps. I'd probably recomend this book: http://www.amazon.com/gp/product/0672324547/103-9975129-7570262 Curt. -- cat .signature: No such file or directory -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
