From Encyclopedia Dramatica
Jump to navigation Jump to search
Can has Happycat?

HTTP is an acronym for 'HyperText Transfer Protocol', which by default works on port 80. Invented by some Dutchfag named Tim Berners-Lee, it is what makes your viewing and sharing of lolcats on the World Wide Web possible.

HTTP Requests

This is what it looks like when you get NIMP'ed.

Header Description Example
Accept Content-Types that are acceptable Accept: text/plain
Accept-Charset Character sets that are acceptable Accept-Charset: iso-8859-5
Accept-Encoding Acceptable encodings Accept-Encoding: compress, gzip
Accept-Language Acceptable languages for response Accept-Language: de
Accept-Ranges Allows the server to indicate its acceptance of range requests for a resource Accept-Ranges: bytes
Authorization Authentication credentials for HTTP authentication Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
Cache-Control Used to specify directives that MUST be obeyed by all caching mechanisms along the request/response chain Cache-Control: no-cache
Connection What type of connection the user-agent would prefer Connection: close
Cookie an HTTP cookie previously sent by the server with Set-Cookie (below) Cookie: $Version=1; UserId=BLACKJAMES
Content-Type The mime-type of the body of the request (used with POST and PUT requests) Content-Type: application/x-www-form-urlencoded
Date The date and time that the message was sent Date: Tue, 5 Nov 1337 01:33:70 GMT
Expect Indicates that particular server behaviors are required by the client Expect: 100-continue
Host The domain name of the server (for virtual hosting), mandatory since HTTP/1.1 Host:
If-Match Only perform the action if the client supplied entity matches the same entity on the server. This is mainly for methods like PUT to only update a resource if it has not been modified since the user last updated it. If-Match: "737060cd8c284d8af7ad3082f209582d"
If-Modified-Since Allows a 304 Not Modified to be returned if content is unchanged If-Modified-Since: Cat, 01 Oct 2000 00:00:00 GMT
If-None-Match Allows a 304 Not Modified to be returned if content is unchanged, see HTTP ETag If-None-Match: "737060cd8c284d8af7ad3082f209582d"
If-Range If the entity is unchanged, send me the part(s) that I am missing; otherwise, send me the entire new entity If-Range: "737060cd8c284d8af7ad3082f209582d"
If-Unmodified-Since Only send the response if the entity has not been modified since a specific time. If-Unmodified-Since: Mon, 29 Dec 1894 11:11:11 GMT
Max-Forwards Limit the number of times the message can be forwarded through proxies or gateways. Max-Forwards: 10
Pragma Implementation-specific headers that may have various effects anywhere along the request-response chain. Pragma: no-cache
Proxy-Authorization Authorization credentials for connecting to a proxy. Proxy-Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
Range Request only part of an entity. Range: bytes=500-999
Referrer This is the address of the previous web page from which a link to the currently requested page was followed. Referer:
TE The transfer encodings the user is willing to accept. TE: trailers, deflate;q=0.5
Upgrade Ask the server to upgrade to another protocol. Upgrade: HTTP/2.0, SHTTP/1.3, IRC/6.9, RTA/x11
User-Agent The user agent string of the user agent User-Agent: Mozilla/5.0 (Linux; X11; UTF-8)
Via Informs the server of proxies through which the request was sent. Via: 1.0 fred, 1.1 (Apache/1.1)
Warn A general warning about possible problems with the entity body. Warn: 199 Miscellaneous warning


Header Description Example
Accept-Ranges What partial content range types this server supports Accept-Ranges: bytes
Age The age the object has been in a proxy cache in seconds Age: 12
Allow Valid actions for a specified resource. To be used for a 405 Method not allowed Allow: GET, HEAD
Cache-Control Tells all caching mechanisms from server to client whether they may cache this object Cache-Control: no-cache
Content-Encoding The type of encoding used on the data Content-Encoding: gzip
Content-Language The language the content is in Content-Language: de
Content-Length The length of the response body in 8-bit bytes Content-Length: 348
Content-Location An alternate location for the returned data Content-Location: /aids.html
Content-Disposition An opportunity to raise a "File Download" dialogue box for a known MIME type Content-Disposition: attachment; filename=hueg3.jpg
Content-MD5 An MD5 sum of the content of the response Content-MD5: 3167b9c13ad2b6d36946493fc47976c8
Content-Range Where in a full body message this partial message belongs Content-Range: bytes 21010-47021/47022
Content-Type The mime type of this content Content-Type: text/html; charset=utf-8
Date The date and time that the message was sent Date: Tue, 1 Jan 2000 00:00:01 GMT
ETag An identifier for a specific version of a resource, often a Message Digest, see ETag ETag: 737060cd8c284d8af7ad3082f209582d
Expires Gives the date/time after which the response is considered stale Expires: Cat, 01 Dec 2994 16:00:00 GMT
Last-Modified The last modified date for the requested object. Last-Modified: Tue, 15 Feb 3994 12:45:26 GMT
Location Used in redirection Location:
Pragma Implementation-specific headers that may have various effects anywhere along the request-response chain. Pragma: no-cache
Proxy-Authenticate Request authentication to access the proxy. Proxy-Authenticate: Basic"
Retry-After If an entity is temporarily unavailable, this instructs the client to try again after a specified period of time. Retry-After: 120
Server A name for the server Server: Apache/1.3.27 (Unix) (Red-Hat/Linux)
Set-Cookie an HTTP cookie Set-Cookie: UserID=JohnDoe; Max-Age=3600; Version=1
Trailer The Trailer general field value indicates that the given set of header fields is present in the trailer of a message encoded with chunked transfer-coding. Trailer: Max-Forwards
Transfer-Encoding The form of encoding used to safely transfer the entity to the user. Transfer-Encoding: chunked
Vary Tells downstream proxies how to match future request headers to decide whether the cached response can be used rather than requesting a fresh one from the origin server. Vary: *
Via Informs the client of proxies through which the response was sent. Via: 1.0 fred, 1.1 (Apache/1.1)
Warn A general warning about possible problems with the entity body. Warn: 199 Miscellaneous warning
WWW-Authenticate Indicates the authentication scheme that should be used to access the requested entity. WWW-Authenticate: Basic

Messing With HTTP

If you want to fuck this shit up go here:


File:Curl screenshot.png
A wild curl appears!

cUrl is a command-line http client, similar to wget. It's designed for use only by gods. When invoked with a URL, it downloads the file and prints it to standard out. It can be used as a simple download manager like so:

curl url_of_file_to_download > filename.whatever

Unlike wget, curl cannot do recursion. However, it works better for submitting forms, which makes it perfect for spamming forums and blogs.

How To

First, we must find the names of the fields to submit. We could examine the HTML source ourselves, and find the relevant FORM block. However, that can be pretty difficult. For example, /b/'s FORM has several Javascript functions embedded in it. An easier method is to use the script to do it for us. Formfind greps through the html to find any html forms.

  $ curl -x localhost:3128 -A Mozilla/4.0 | | head -n 12
--- FORM report. Uses POST to URL ""
--- type: multipart form upload [use -F]
Input: NAME="name" (HIDDEN)
Input: NAME="sub" (HIDDEN)
Input: NAME="email" (TEXT)
Button: "Submit" (SUBMIT)
Textarea: NAME="com"
Input: NAME="upfile" (FILE)
Input: NAME="pwd" (PASSWORD)
Input: NAME="mode" VALUE="regist" (HIDDEN)
--- end of FORM

-x tells curl to use the proxy localhost:3128 and -A specifies the user agent. We pipe it to formfind, and only view the top of the output. This tells us sever al things: It tells us the names of the fields. It tells us that this form uses multipart-encoded POST to submit the form. If it used GET instead, we would need to append ampersand delimited key/value pairs to the end of the URL. It tells us what URL to POST to. In this case, it is ""

So, we run the following:

curl  -x localhost:3128 -A Mozilla/4.0 -F "email=noko" \
-F "com=testtesttest" 
-F "[email protected]/funny/1194718640468.png" \
-F "pwd=xx" 
-F "mode=regist"

-F specifies a key/value pair to POST. We don't need to fill out the empty hidden fields, but we do need to carry over the "mode" field. The "at" symbol before ".4chan" specifies that curl should take its input for that field from the filename following the "at".

One could then wrap this in a loop to get it to repeat. One could also launch several processes, for maximum raep.

See Also


HTTP is part of a series on Programming.

[2 L337 4 MEEnter the Matrix]

Wtf icon.gif
HTTP is part of a series on Acronyms
Wtf icon.gif
Internets Lingo


Other Lingo


Online Places & Groups


Moar Internet Shit


IRL Acronyms


Bad Acronyms


is part of a series on
Too mooch data.jpg


AspierationsBLANKING IN PROGRESSCharming NaïvetéDelete fucking everythingDOIN IT RONGEdginessFailing itInternet tough guyKids on the internetLegal actionLiberalismMental illnessMod SassSkript kiddiesSob StoriesTrollsUnrealistic ExpectationsUnwarranted Self-ImportanceWaaaambulance

Previous Hiscores:
AnimaljailApplemilk1988Cheryl ShumanDalhuskyFlardoxHal TurnerLittleCloudOnigojirakaijuPrince JeremyScience PiratesScientologySokiTwopawSweet EvaPeppermintPattiPoeticironyXxPrincessPunkxxZeriara

An heroGoing Back To GaiaLURKING MOARProtect fucking everythingShutting The Fuck UpStopping posting

Softwarez series.jpg

HTTP is part of a series on


Visit the Softwarez Portal for complete coverage.