Extension HTTP Header Spoofing

Header Spoofing

The service allows the user to pass HTTP/1.1 headers as query parameters. This is done to allow any kind of request from within a browser. This feature is provided strictly as a workaround for current web-browser limitations.
To specify an HTTP/1.1 header as a query parameter:

replace all dashes "-" in the header name by underscores "_";
convert all characters in the header name to lowercase;
prepend the header name with "_http_".

Examples

The following two HTTP/1.1 requests are semantically identical:

PUT /some_resource HTTP/1.1
Host: handle.sara.nl
Date: Mon, 09 Sep 2008 08:17:35 GMT
If-None-Match: *
...

PUT /some_resource?_http_if_none_match=* HTTP/1.1
Host: handle.sara.nl
Date: Mon, 09 Sep 2008 08:17:35 GMT
...

Note how the If-None-Match header is specified as a query parameter in the second case.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Extension HTTP Header Spoofing

Header Spoofing

Examples

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Clone this wiki locally