HTTP protocol sniffing and analysis with LiveHTTPHeaders
Assume that you have a web store at http://webshop.example.com and you want to carry out HTTP analysis on this web application. Consider what happens when you browse to the URL http://webshop.example.com. This is the HTTP request that elicits an HTTP response from the web server. Figure 2 shows this HTTP request and response in LiveHTTPHeaders.
Figure 2. Calling the HTTP GET method
The browser makes an HTTP
GET request of the web server, which responds with an HTTP response. Scrutinize the response, and you'll see that it includes key information such as the web server that is running and the session cookie provided to the client. These directives expose this information:
Server: Microsoft-IIS/5.0 X-Powered-By: ASP.NET Set-Cookie: ASPSESSIONIDCACRTBSD=CBEJANOCCIENPPMGDAGFNFBG; path=/
The application also has an HTML form where you can select quantities for products. To see what kind of HTTP request goes across, you could place an order. Figure 3 shows an example of product presentation.
Figure 3. Product presentation for an iPod
When you fill in the required quantity on the form and click on the "Add to cart" button, the browser processes the form:
<form method="post" action="cart.asp"> <input name="id" value="1" type="hidden"> <input name="quantity" value="1" size="2" type="text"> <input value="Add to cart" type="submit"> </form>
After processing this request, the form browser sends the HTTP request. Figure 4 illustrates the HTTP
POST request as it travels over the wire.
Figure 4. POSTing to the server
The browser takes the quantity value of the form and generates a
POST request on the wire with HTTP headers and
Content-Length=15. As far as
POSTed bytes in the HTTP headers go, the browser has sent 15 characters. In this example, that data is