It is based on the learning content provided in the HTTP in detail room.
Task 1 - What is HTTP(S)?
After the nice introduction to HTTP and HTTPS, check out the static website provided in the task. Notice, how the little lock symbol at the top of the page is crossed out. Indicating, that either your connection is unsecure (connected via HTTP) or that there is an issue with the site’s certificate. Click on the problem indicator to get the flag.
Question 1: What does HTTP stand for?
HyperText Transfer Protocol
Question 2: What does the S in HTTPS stand for?
Question 3: On the mock webpage on the right there is an issue, once you’ve found it, click on it. What is the challenge flag?
Task 2 - Requests And Responses
Check out the various features an URL may possess in a request. An example request and response pair is also provided here.
Question 1: What HTTP protocol is being used in the above example?
Question 2: What response header tells the browser how much data to expect?
Task 3 - HTTP Methods
Read the introduction to the most commonly used HTTP methods.
Question 1: What method would be used to create a new user account?
Question 2: What method would be used to update your email address?
Question 3: What method would be used to remove a picture you’ve uploaded to your account?
Question 4: What method would be used to view a news article?
Task 4 - HTTP Status Codes
Learn about the most common HTTP status codes, and the different ranges with their respective meanings.
Deploying the site in this task will help you with getting a better picture, about how some of the HTTP status messages might look like in real life.
Question 1: What response code might you receive if you’ve created a new user or blog post article?
Question 2: What response code might you receive if you’ve tried to access a page that doesn’t exist?
Question 3: What response code might you receive if the web server cannot access its database and the application crashes?
Question 4: What response code might you receive if you try to edit your profile without logging in first?
Task 5 - Headers
Check out the most common request and response headers.
Question 1: What header tells the web server what browser is being used?
Question 2: What header tells the browser what type of data is being returned?
Question 3: What header tells the web server which website is being requested?
Task 6 - Cookies
Read the into about cookies and the way they might be used. To view your own cookies, deploy the static site that is shipped with the task, and follow the guide to open up developer tools in your own browser. Then, follow the instructions left behind in the task.
Check out the various ways you might use to access developer tools in the different browsers.
Question 1: Which header is used to save cookies to your computer?
Task 7 - Making Requests
Create the demo requests with the very nice emulator that is provided here.
Check out, how configuring the request method, and setting the URL will modify our request. For the first question only the URL need to be adjusted.
First, set the id parameter to 1 and then adjust the URL to answer the second question.
Remember to clear the set parameters before proceeding with the third question.
For the fourth question, first we set the username parameter to admin before sending in the request. This will then update the set username value on the website.
For the last question, we try to log on to the website by setting the appropriate parameter values.
This marks the end of this room, see you in the next one.
Question 1: Make a GET request to /room
Question 2: Make a GET request to /blog and using the gear icon set the id parameter to 1 in the URL field
Question 3: Make a DELETE request to /user/1
Question 4: Make a PUT request to /user/2 with the username parameter set to admin
Question 5: POST the username of thm and a password of letmein to /login
thm - shorthand for TryHackMe from now on ↩︎