Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

What is the HTTP header :host, :method, :path, :scheme, :version used for?

Tags:

http-headers

http

security

I have seen that Twitter and Facebook is using :host, :method, :path, :scheme, :version in their HTTP requests. I just wonder what they are used for?

enter image description here

My first guess is that they use custom headers to prevent CSRF attacks. But you only need one header to prevent CSRF attacks not 5.

like image 366
einstein Avatar asked Jan 06 '14 18:01

einstein

1 Answers

This might be SPDY or experimental HTTP/2.0. See http://greenbytes.de/tech/webdav/draft-ietf-httpbis-http2-09.html#HttpRequest

like image 67
Julian Reschke Avatar answered Oct 01 '22 19:10

Julian Reschke
Sign in to Comment

Related questions

Login Security Philosophy
Where do you put an encryption key on a public facing server?
Is it illegal to write your own encryption? [closed]
Open source projects: what to do with private/secret config data?
User Uploaded CSS safe?
Security between rails and nodejs
Mimic .htaccess or some other type of password protecting with webrick
SQL Injection or Server.HTMLEncode or both? Classic ASP
How do you restrict certain HTML elements to certain roles using ASP.NET MVC?
Facebook photo renaming convention
Solve security issue parsing xml using SAX parser
How to verify that the source code is copied from web
mod_auth_kerb principal parsing error
What are the pros and cons using a self signed root ca for securing a rest service?
How does CORS provide at least some security to users?
Linux System Calls & Kernel Mode
Need an explanation of a particular security optimisation
How to restrict access to certain pages with JSF 2 after user has logged in?
Obfuscating password in batch script
Why string hashed with its hash as salt returns the hash?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!