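·URL:
·Uniform Resource Locator
·Purpose: locates a resource on a server (like a delivery address)
·Detailed URL format
·scheme://host[:port#]/path/.../[?query-string][#anchor]
·scheme: the underlying protocol (for example: http, https, ftp)
·host: the server's domain name or IP address
·port: the server's port; the HTTP default port is 80 (may be omitted), any other port must be given explicitly
·path: the path of the resource being accessed
·query-string: data sent to the HTTP server
·anchor: marks a specific position within the page
·example
http://dun.163.com/sj/test/test.jsp?name=sviergn&x=true#stuff
scheme: http
host: dun.163.com
port: not written, so the default 80 is used
path: sj/test/test.jsp
query-string: name=sviergn&x=true
anchor: stuff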
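·HTTP:
·Hyper Text Transfer Protocol
·The protocol used for communication on the Web
·The foundation of the Web
·What is the HTTP protocol
·Sender: the courier ==> the browser
·Means of transport: truck ==> GET, POST, ...
·Recipient address: Binjiang District, Hangzhou, Zhejiang ==> Host
·Courier company: XX Express ==> User-Agent
·Company pass: the pass ==> Cookie
·Delivery status: signed for ==> Response: HTTP 200 + body, where 200 means received normally
·HTTP messages:
·Request message
·Request line
·Headers
·(cookies) security vulnerabilities involving cookie theft
·Blank line
·Body
·Response message
·Status line
·Message headers
·Blank line
·Response body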
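·HTTP requests---other request methods
·HEAD: similar to a GET request, except that the server returns only the HTTP headers, with no page content
·PUT: uploads a representation for the specified URL
·DELETE: deletes the specified resource
·OPTIONS: returns the HTTP methods the server supports
·HTTP requests---Referer
·Tells the server where the request came from (added automatically by the browser)
·Traffic statistics
·CNZZ
·Baidu Tongji (Baidu Analytics)
·Judging whether the source is legitimate
·Hotlink protection ("This image comes from QQ Zone and may not be used without permission")
·Protection against CSRF vulnerabilities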
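
The source-legitimacy check described above depends on parsing the Referer as a URL and comparing its host exactly, using the URL fields from the first section. The following is an added example, not code from the original notes; the allowlist, the function names and the sample values are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumption for this example: the only host accepted as a request source.
ALLOWED_HOSTS = {"dun.163.com"}
DEFAULT_PORTS = {"http": 80, "https": 443}


def referer_origin(referer):
    """Parse a Referer value into (scheme, host, port); None if unusable."""
    if not referer:
        return None
    try:
        parts = urlsplit(referer.strip())
        port = parts.port  # raises ValueError for a malformed port
    except ValueError:
        return None
    scheme = parts.scheme.lower()
    if scheme not in DEFAULT_PORTS or not parts.hostname:
        return None
    if port is None:  # port omitted: fall back to the scheme default
        port = DEFAULT_PORTS[scheme]
    return scheme, parts.hostname.lower(), port


def referer_allowed(referer, allow_missing=False):
    """Exact-match the Referer host against the allowlist (never substring)."""
    if not referer:
        # Browsers and proxies may strip Referer; the caller decides the policy.
        return allow_missing
    origin = referer_origin(referer)
    if origin is None:
        return False
    scheme, host, port = origin
    return host in ALLOWED_HOSTS and port == DEFAULT_PORTS[scheme]


# Constructed sample values, not captured traffic.
SAMPLES = [
    "http://dun.163.com/sj/test/test.jsp?name=sviergn&x=true",  # same site
    "http://dun.163.com.other.example/page",    # allowed name is only a prefix
    "http://other.example/?from=http://dun.163.com/",  # name only in the query
    "http://dun.163.com@other.example/",        # name in userinfo, not the host
    "ftp://dun.163.com/file",                   # unexpected scheme
]

if __name__ == "__main__":
    for value in SAMPLES:
        print(referer_allowed(value), value)
```

Because the Referer header can be absent, a CSRF defense normally pairs this check with a per-request token rather than relying on it alone.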
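Hands-on:
Google
Developer tools
Network
All
88 requests
Every status is 200, meaning received normally
DOC
The return code shown is 200
Click Headers
·The response headers and request headers are shown
·Request Header, view source: view parsed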
GET / HTTP/1.1
Host: dun.163.com
Connection: keep-alive
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cookie: __f_=1544852246824; _ntes_nnid=e9eeb140628c00705c2821052b21d527,1544852246937; _ntes_nuid=e9eeb140628c00705c2821052b21d527; NTES_YD_PASSPORT=COxHyuBVDRNP_vnRUIofX6bTrmeB7N0yJY_AvuC2Jpz4rOhUrIJ5LfcR.F_AyQRWwuVoU_vN2Aa6270P4x7nrDH3kojqPBxDdFKprCOTzX7XLwjOMh61HMoebBsyluXrFw6Plleu.8CpN2R0Dr3OAs016Nb_9cSb_uPWpAu6b4ZnPuvb.jU4HJNwjikacmEt3xiWYAKfZsrpf; [email protected]|1544871550|0|mail163|00&99|shh&1544234478&mail163#shh&null#10#0#0|151481&0|mailmaster_android&mail163&mail163_qrcode|[email protected]; NNSSPID=6f55d35753984fce8a2008b5bd706eaf; mail_psc_fingerprint=9fd5e21e2dbea2a6eb13aa3822246319; usertrack=CrHud1wU3oNDzuLjA0DuAg==; Province=021; City=021; NTES_hp_textlink1=old; UM_distinctid=167b4f24be563a-07f5ddb5df4fb9-3f674706-1fa400-167b4f24be61b0; _ga=GA1.2.1439639983.1544932352; _gid=GA1.2.1352615126.1544932352; Hm_lvt_4671c5d502135636b837050ec6d716ce=1544932353,1544936844; Hm_lpvt_4671c5d502135636b837050ec6d716ce=1544938581
dun.163.com
·Response Header, view source: view parsed
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 16 Dec 2018 05:36:44 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-readtime: 1
Content-Encoding: gzip
·DOC-Response: the body of the response
·Cookies
·Timing
Messages: