HTTP GET请求中是否需要“Host”?

时间:2018-02-09 14:45:54

标签: http get netcat

以下示例显示必须指定Host:。这是由GET请求的HTTP协议决定的,还是来自http://httpbin.org的非标准功能?感谢。

$ netcat --version 
netcat (The GNU Netcat) 0.7.1
Copyright (C) 2002 - 2003  Giovanni Giacobbi

This program comes with NO WARRANTY, to the extent permitted by law.
You may redistribute copies of this program under the terms of
the GNU General Public License.
For more information about these matters, see the file named COPYING.

Original idea and design by Avian Research <hobbit@avian.org>,
Written by Giovanni Giacobbi <giovanni@giacobbi.net>.

$ sed 's/$/\r/g' <<EOF | netcat -v httpbin.org 80
GET /get HTTP/1.1
Host:httpbin.org

EOF
httpbin.org [23.23.241.244] 80 (http) open
HTTP/1.1 200 OK
Connection: keep-alive
Server: meinheld/0.6.1
Date: Fri, 09 Feb 2018 14:41:39 GMT
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Powered-By: Flask
X-Processed-Time: 0.000858068466187
Content-Length: 157
Via: 1.1 vegur

{
  "args": {}, 
  "headers": {
    "Connection": "close", 
    "Host": "httpbin.org"
  }, 
  "origin": "165.91.87.88", 
  "url": "http://httpbin.org/get"
}

$ sed 's/$/\r/g' <<EOF | netcat -v httpbin.org 80
GET /get HTTP/1.1

EOF
httpbin.org [54.225.64.197] 80 (http) open
HTTP/1.1 400 Bad Request
Connection: close
Server: Cowboy
Date: Fri, 09 Feb 2018 14:42:33 GMT
Content-Length: 0

1 个答案:

答案 0 :(得分:1)

简短回答,取决于协议。

在实践中,如果你没有指定&#34; HOST&#34;可能会发生什么(取决于Web服务器配置nginx / apache / hiawatha等),您可以从默认vhost或配置为接受来自IP的/ dispacht请求的主机获取内容。

您可以使用以下方式进行测试:

 echo -en "GET / HTTP/1.0\n\n\n" | nc stackoverflow.com 80

这可能是输出:

HTTP/1.1 500 Domain Not Found
Server: Varnish
Retry-After: 0
content-type: text/html
Cache-Control: private, no-cache
connection: keep-alive
X-Served-By: cache-hhn1546-HHN
Content-Length: 220
Accept-Ranges: bytes
Date: Sat, 07 Apr 2018 20:45:56 GMT
Via: 1.1 varnish
Connection: close

<html>
<head>
<title>Fastly error: unknown domain </title>
</head>
<body>
<p>Fastly error: unknown domain: . Please check that this domain has been added to a service.</p>

现在添加主持人:

 echo -en "GET / HTTP/1.0\nHost: stackoverflow.com\n\n" | nc stackoverflow.com 80

或使用HTTP/1.1(需要指定主机)

echo -en "GET / HTTP/1.1\nHost: stackoverflow.com\n\n" | nc stackoverflow.com 80

您将看到/得到回复:

HTTP/1.1 301 Moved Permanently
...
相关问题
最新问题