HTTP Requests and Responses

Published on 2024-10-11 20:33:54

Once a connection is established, the browser and server communicate via the HyperText Transfer Protocol ( HTTP) . HTTP is a set of rules that specifies how to structure and interpret internet messages, and how web clients and web servers should exchange information.

When your browser wants to interact with a server, it sends the server an HTTP request . There are different types of HTTP requests, and the two most common are GET and POST. By convention, GET requests retrieve data from the server, while POST requests submit data to it. Other common HTTP methods include OPTIONS, used to request permitted HTTP methods for a given URL; PUT, used to update a resource; and DELETE, used to delete a resource.

Here is an example GET request that asks the server for the home page of www.google.com:

GET / HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0
Accept: text/html,application/xhtml+xml,application/xml
Accept-Language: en-US
Accept-Encoding: gzip, deflate
Connection: close

Let’s walk through the structure of this request, since you’ll be seeing a lot of these in this book. All HTTP requests are composed of a request line, request headers, and an optional request body. The preceding example contains only the request line and headers.

The request line is the first line of the HTTP request. It specifies the request method, the requested URL, and the version of HTTP used. Here, you can see that the client is sending an HTTP GET request to the home page of www.google.com using HTTP version 1.1.

The rest of the lines are HTTP request headers. These are used to pass additional information about the request to the server. This allows the server to customize results sent to the client. In the preceding example, the Host header specifies the hostname of the request. The User-Agent header contains the operating system and software version of the requesting software, such as the user's web browser. The Accept, Accept-Language, and Accept-Encoding headers tell the server which format the responses should be in. And the Connection header tells the server whether the network connection should stay open after the server responds.

You might see a few other common headers in requests. The Cookie header is used to send cookies from the client to the server. The Referer header specifies the address of the previous web page that linked to the current page. And the Authorization header contains credentials to authenticate a user to a server.

After the server receives the request, it will try to fulfill it. The server will return all the resources used to construct your web page by using HTTP responses. An HTTP response contains multiple things: an HTTP status code to indicate whether the request succeeded; HTTP headers, which are bits of information that browsers and servers use to communicate with each other about authentication, content format, and security policies; and the HTTP response body, or the actual web content that you requested. The web content could include HTML code, CSS style sheets, JavaScript code, images, and more.

Here is an example of an HTTP response:

HTTP/1.1 200 OK
Date: Tue, 31 Aug 2021 17:38:14 GMT
[...]
Content-Type: text/html; charset=UTF-8
Server: gws
Content-Length: 190532

<!doctype html>
[...]
<title>Google</title>
[...]
<html>

Notice the 200 OK message on the first line. This is the status code. An HTTP status code in the 200 range indicates a successful request. A status code in the 300 range indicates a redirect to another page, whereas the 400 range indicates an error on the client's part, like a request for a nonexistent page. The 500 range means that the server itself ran into an error.

As a bug bounty hunter, you should always keep an eye on these status codes, because they can tell you a lot about how the server is operating. For example, a status code of 403 means that the resource is forbidden to you. This might mean that sensitive data is hidden on the page that you could reach if you can bypass the access controls.

The next few lines in the response, each of the form name, colon (:), value, are the HTTP response headers. They allow the server to pass additional information about the response to the client. In this case, you can see that the time of the response was Tue, 31 Aug 2021 17:38:14 GMT. The Content-Type header indicates the file type of the response body; the Content-Type of this page is text/html. The server software is Google Web Server (gws), and the Content-Length is 190,532 bytes. Usually, additional response headers will specify the content's format, language, and security policies.

In addition to these, you might encounter a few other common response headers. The Set-Cookie header is sent by the server to the client to set a cookie. The Location header indicates the URL to which to redirect the page. The Access-Control-Allow-Origin header indicates which origins can access the page's content. (We will talk about this more in Chapter 19.) Content-Security-Policy controls the origin of the resources the browser is allowed to load, while the X-Frame-Options header indicates whether the page can be loaded within an iframe (discussed further in Chapter 8).

The data after the blank line is the response body. It contains the actual content of the web page, such as the HTML and JavaScript code. Once your browser receives all the information needed to construct the web page, it will render everything for you.
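To make the request and response structure described above concrete, here is an added example (not code from the book) that parses raw HTTP/1.1 messages into their start line, colon-separated headers and optional body, and classifies a response status code into the ranges discussed earlier. The sample request and response are constructed for this example and are not captured traffic; the function names are the example's own.

```python
# Added example: a minimal parser for raw HTTP/1.1 messages of the kind
# shown in the text. Sample messages below are constructed, not real traffic.

def parse_message(raw: str) -> dict:
    """Split a raw HTTP message into start line, headers and body."""
    # The first blank line (CRLF CRLF) separates headers from the body.
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    headers = {}
    for line in lines[1:]:
        # Each header is "Name: value"; header names are case-insensitive.
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return {"start_line": lines[0], "headers": headers, "body": body}

def parse_request(raw: str) -> dict:
    """Request line is: method, request target, HTTP version."""
    msg = parse_message(raw)
    method, target, version = msg["start_line"].split(" ", 2)
    msg.update(method=method, target=target, version=version)
    return msg

def parse_response(raw: str) -> dict:
    """Status line is: HTTP version, numeric status code, reason phrase."""
    msg = parse_message(raw)
    version, code, reason = msg["start_line"].split(" ", 2)
    msg.update(version=version, status=int(code), reason=reason)
    # Sanity check: does the body length agree with Content-Length?
    declared = msg["headers"].get("content-length")
    msg["length_ok"] = declared is None or int(declared) == len(msg["body"].encode())
    return msg

def status_class(code: int) -> str:
    """Map a status code to the meaning of its hundreds range (2xx..5xx)."""
    ranges = {2: "success", 3: "redirect", 4: "client error", 5: "server error"}
    return ranges.get(code // 100, "other")

# Constructed sample request, modelled on the GET example in the text.
SAMPLE_REQUEST = (
    "GET / HTTP/1.1\r\n"
    "Host: www.google.com\r\n"
    "User-Agent: Mozilla/5.0\r\n"
    "Connection: close\r\n"
    "\r\n"
)

# Constructed sample response: a 403, the case the text calls out.
SAMPLE_RESPONSE = (
    "HTTP/1.1 403 Forbidden\r\n"
    "Content-Type: text/html; charset=UTF-8\r\n"
    "Content-Length: 22\r\n"
    "\r\n"
    "<html>forbidden</html>"
)
```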