'm trying to use the If-Modified-Since command in Telnet. I want to get a 304 Not modified statut code. I tried this but it don't work, I get a 400 bad request error
telnet lemonde.fr 80
GET /index.html HTTP/1.1
User-Agent: Mozilla/5.0
From: yahoo.com
Accept: text/html,text/plain,application/*
Host: www.lemonde.fr
If-Modified-Since: Wed, 19 Oct 2015 10:50:00 GMT
<linefeed>
I got as a result
HTTP/1.0 400 Bad request Cache-Control: no-cache Connection: close
Content-Type: text/html
You need to define the HTTP port. So try:
telnet lemonde.fr 80
The default telnet port is 23. So you won't be able to communicate with the HTTP server.
Related
I installed odoo on centos 8 and use httpd as a reverse proxy. Like other Apache hardening, I use ServerTokens Proddan ServerSignature Off to hide server information.
but when I try wget the results still show server information
Spider mode enabled. Check if remote file exists.
--2020-03-12 11:57:14-- http://my.domain/
Resolving my.domain (my.domain)... 169.0.0.1
Connecting to my.domain (my.domain)|169.0.0.1|:80... connected.
HTTP request sent, awaiting response...
HTTP/1.1 301 Moved Permanently
Content-length: 0
Location: https://my.domain/
Location: https://my.domain/ [following]
Spider mode enabled. Check if remote file exists.
--2020-03-12 11:57:14-- https://my.domain/
Connecting to my.domain (my.domain)|169.0.0.1|:443... connected.
HTTP request sent, awaiting response...
HTTP/1.1 200 OK
Date: Thu, 12 Mar 2020 04:56:55 GMT
Server: Werkzeug/0.14.1 Python/3.7.5
Content-Type: text/html; charset=utf-8
Content-Length: 10589
Set-Cookie: frontend_lang=en_US; Path=/
Set-Cookie: session_id=s8487a5ec76bd455f42680c38195b5f7f0285d563; Expires=Wed, 10-Jun-2020 04:56:55 GMT; Max-Age=7776000; HttpOnly; Path=/
Vary: User-Agent
Length: 10589 (10K) [text/html]
Remote file exists and could contain further links,
but recursion is disabled -- not retrieving.
well it can use mod_header and mod_rewrite, then add
add Header set Server "value that you want" to your apache virtual host
I need to configure Burp Suite to intercept data between web browser and proxy server. The proxy server requires a basic authentication (Username & Password) while connecting for the first time in each session. I have tried the 'Redirect to host' option in Burp Suite(Entered the proxy server address and port in the fields):
Proxy >> Options >> Proxy Listeners >> Request Handling
But I can't see an option to use the authentication that is required while connecting to this proxy server.
While accessing google.com, the request headers are:
GET / HTTP/1.1
Host: google.com
User-Agent: Mozilla/5.0 (X11; Linux i686) KHTML/4.13.3 (like Gecko) Konqueror/4.13
Accept: text/html, text/*;q=0.9, image/jpeg;q=0.9, image/png;q=0.9, image/*;q=0.9, */*;q=0.8
Accept-Encoding: gzip, deflate, x-gzip, x-deflate
Accept-Charset: utf-8,*;q=0.5
Accept-Language: en-US,en;q=0.9
Connection: close
And the response is:
HTTP/1.1 400 Bad Request
Server: squid/3.3.8
Mime-Version: 1.0
Date: Thu, 10 Mar 2016 15:14:12 GMT
Content-Type: text/html
Content-Length: 3163
X-Squid-Error: ERR_INVALID_URL 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from proxy.abc.in
X-Cache-Lookup: NONE from proxy.abc.in:3343
Via: 1.1 proxy.abc.in (squid/3.3.8)
Connection: close
you were on the right track, just at the wrong place. You need to setup an upstream proxy at:
Options>>Connections>>Upstream proxy
There you can also setup the authentication
Options>>Connections>>Platform authentication
Here you can create different auth configurations, which will be done if the server requests it.
What do I set in Paw to allow for a login? I have tried to use the allow cookies with to no avail.
I am working through this tutorial on Github to learn the MEAN stack. Sign up seems to be working but sign in is not.
Sign up request is:
GET /auth/success HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Cookie: connect.sid=s%3A6q22s9GpNRDITB3wKBoxS1emnKCcIR3B.pI3dzqqtSBSBVgkzl7Uib4aqNAf%2Bh5iszoWDMzWPpR8
Host: localhost:3000
Connection: close
User-Agent: Paw/2.2.2 (Macintosh; OS X/10.10.3) GCDHTTPRequest
and the result is:
HTTP/1.1 200 OK
X-Powered-By: Express
Content-Type: application/json; charset=utf-8
Content-Length: 121
ETag: W/"79-56130229"
Date: Thu, 18 Jun 2015 19:52:43 GMT
Connection: close
{"state":"success","user":{"username":"admin","password":"$2a$10$AD5NBc6c6iZ09/eXuYd9oOfTEZ6MnRNYWneLy.SNPFAWf/HX1V0.6"}}
The user is created. But the login request fails every time; the request is:
GET /auth/failure HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Cookie: connect.sid=s%3A6q22s9GpNRDITB3wKBoxS1emnKCcIR3B.pI3dzqqtSBSBVgkzl7Uib4aqNAf%2Bh5iszoWDMzWPpR8
Host: localhost:3000
Connection: close
User-Agent: Paw/2.2.2 (Macintosh; OS X/10.10.3) GCDHTTPRequest
the response is:
HTTP/1.1 200 OK
X-Powered-By: Express
Content-Type: application/json; charset=utf-8
Content-Length: 72
ETag: W/"48-ed4f121"
Date: Thu, 18 Jun 2015 19:53:03 GMT
Connection: close
{"state":"failure","user":null,"message":"Invalid username or password"}
What it comes down to is: Is there something in paw that needs to be enabled to allow sign in testing or is my code more likely to be the problem? My code is almost verbatim from the module three part of that Github repo linked above. Any and all help would be appreciated.
Note: I did not post code on purpose as to not clutter the question. If you need to see something I can add it just let me know.
While I was not sure of my exact error I had with more trouble shooting i saw that you need to make sure that you have follow redirects on and cookies being saved.
The first request (or batch of requests) I send from a WCF-Custom adapter using the wsHttpBinding (also tried basicHttp) does not include the Authorization Header.
Request 1 Headers
POST https://axis2service.com/HttpSoap12Endpoint/ HTTP/1.1
Content-Type: application/soap+xml; charset=utf-8
Host: axis2service.com
Content-Length: 556
Expect: 100-continue
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
The service returns a 401 to which I respond with the below.
Request 2 Headers
POST https://axis2service.com/HttpSoap12Endpoint/ HTTP/1.1
Content-Type: application/soap+xml; charset=utf-8
Authorization: Basic XXXXXX
Host: axis2service.com
Content-Length: 556
Expect: 100-continue
Accept-Encoding: gzip, deflate
To which the axis2 on apache service responds with a 504 and Connection: close
This seems to be a known issue, how can I make request 1 include the Authorization header every time?
Note: The request 1 headers only get sent on the first request after a Host Instance restart. All subsequent requests from the adapter use the request 2 headers therefore bypassing the handshake stage.
I'm using Nginx + uwsgi + python3
Sending any header via start_response goes well, but when I want to send more than one header, it becomes mad.
For example, if I write:
start_response('200 OK', [('Last-Modified', 'Wed, 11 Jan 2012 00:00:00 GMT'), ('Content-Type', 'text/html; charset=windows-1251')])
The headers sent are:
HTTP/1.1 200 OK
Transfer-Encoding: chunked
Server: nginx/1.0.11
Connection: close
Date: Wed, 11 Jan 2012 04:17:22 GMT
Content-Type: text/html; charset=windows-1251
Content-Type: text/html; charset=windows-12
uwsgi sends the same header twice and even more the second one is broken.
which uWSGI and nginx version ? In both 0.9.8.x and 1.0.x i cannot reproduce your error.
You can check the real headers sent by uWSGI putting it in http mode with --http/--http-socket