spell corrections, changed some wording
This commit is contained in:
Daniel Stenberg
Родитель
ec109b3540
Коммит
31dc1f4247
|
|
@ -1,6 +1,6 @@
|
|||
Author: Daniel Stenberg <daniel@haxx.se>
|
||||
Date: August 7, 2000
|
||||
Version: 0.2
|
||||
Date: September 15, 2000
|
||||
Version: 0.3
|
||||
|
||||
The Art Of Scripting HTTP Requests Using Curl
|
||||
=============================================
|
||||
|
|
@ -31,7 +31,7 @@ Version: 0.2
|
|||
1. The HTTP Protocol
|
||||
|
||||
HTTP is the protocol used to fetch data from web servers. It is a very simple
|
||||
protocol that is built upon TCP/IP. The protocol also allow information to
|
||||
protocol that is built upon TCP/IP. The protocol also allows information to
|
||||
get sent to the server from the client using a few different methods, as will
|
||||
be shown here.
|
||||
|
||||
|
|
@ -130,12 +130,12 @@ Version: 0.2
|
|||
curl -d "birthyear=1905&press=OK" www.hotmail.com/when/junk.cgi
|
||||
|
||||
This kind of POST will use the Content-Type
|
||||
application/x-www-form-urlencoded and is the most widly used POST kind.
|
||||
application/x-www-form-urlencoded and is the most widely used POST kind.
|
||||
|
||||
4.3 FILE UPLOAD POST
|
||||
|
||||
Back in late 1995 they defined a new to post data over HTTP. It was
|
||||
documented in the RFC 1867, why this method sometimes are refered to as
|
||||
Back in late 1995 they defined a new way to post data over HTTP. It was
|
||||
documented in the RFC 1867, why this method sometimes is refered to as
|
||||
a rfc1867-posting.
|
||||
|
||||
This method is mainly designed to better support file uploads. A form that
|
||||
|
|
@ -165,7 +165,7 @@ Version: 0.2
|
|||
|
||||
<form method="POST" action="foobar.cgi">
|
||||
<input type=text name="birthyear">
|
||||
<input type=text name="person" value="daniel">
|
||||
<input type=hidden name="person" value="daniel">
|
||||
<input type=submit name="press" value="OK">
|
||||
</form>
|
||||
|
||||
|
|
@ -209,17 +209,18 @@ Version: 0.2
|
|||
|
||||
Do note that when a program is run, its parameters are possible to see when
|
||||
listing the running processes of the system. Thus, other users may be able to
|
||||
watch your passwords if you pass them as plain command line options.
|
||||
watch your passwords if you pass them as plain command line options. There
|
||||
are ways to circumvent this.
|
||||
|
||||
7. REFERER
|
||||
|
||||
A HTTP request has the ability to feature a 'referer' field, which can be
|
||||
used to tell which URL that causes the client to get this particular
|
||||
resource. Some programs/scripts check the referer field of requests to verify
|
||||
that this wasn't arriving from an external site or unknown page. While this
|
||||
is a stupid way to check something so easily forged, many scripts still do
|
||||
it. Using curl, you can put anything you want in the referer-field and thus
|
||||
more easily being able to fool the server into serving your request.
|
||||
A HTTP request may include a 'referer' field, which can be used to tell from
|
||||
which URL the client got to this particular resource. Some programs/scripts
|
||||
check the referer field of requests to verify that this wasn't arriving from
|
||||
an external site or an unknown page. While this is a stupid way to check
|
||||
something so easily forged, many scripts still do it. Using curl, you can put
|
||||
anything you want in the referer-field and thus more easily be able to fool
|
||||
the server into serving your request.
|
||||
|
||||
Use curl to set the referer field with:
|
||||
|
||||
|
|
@ -278,10 +279,10 @@ Version: 0.2
|
|||
specified in a received cookie, the client sends back the cookies and their
|
||||
contents to the server, unless of course they are expired.
|
||||
|
||||
Many applications and server use this method to connect a series of request
|
||||
Many applications and servers use this method to connect a series of requests
|
||||
into a single logical session. To be able to use curl in such occations, we
|
||||
must be able to record and send back cookies in the way that the web
|
||||
application expects them. The same way browsers deal with them.
|
||||
must be able to record and send back cookies the way the web application
|
||||
expects them. The same way browsers deal with them.
|
||||
|
||||
The simplest way to send a few cookies to the server when getting a page with
|
||||
curl is to add them on the command line like:
|
||||
|
|
@ -307,15 +308,15 @@ Version: 0.2
|
|||
|
||||
There are a few ways to do secure HTTP transfers. The by far most common
|
||||
protocol for doing this is what is generally known as HTTPS, HTTP over
|
||||
SSL. SSL encrypts all the data that is send and received over the network and
|
||||
SSL. SSL encrypts all the data that is sent and received over the network and
|
||||
thus makes it harder for attackers to spy on sensitive information.
|
||||
|
||||
SSL (or TLS as the latest version of the standard is called) offers a
|
||||
truckload of advanced features to allow all those encryptions and key
|
||||
infrastructure mechanisms ecnrypted HTTP requires.
|
||||
infrastructure mechanisms encrypted HTTP requires.
|
||||
|
||||
Curl supports enscrypted fetches thanks to the freely available OpenSSL
|
||||
libraries. To get a pafe from a https server, simply run curl like:
|
||||
Curl supports encrypted fetches thanks to the freely available OpenSSL
|
||||
libraries. To get a page from a HTTPS server, simply run curl like:
|
||||
|
||||
curl https://that.secure.server.com
|
||||
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче