NYCPHP Meetup

NYPHP.org

[nycphp-talk] Viewing HTTP Headers

csnyder at chxo.com csnyder at chxo.com
Mon Dec 1 11:08:22 EST 2003


Yes, so sorry-- was meant for the non-mCrypt thread. Not enough coffee yet.

Quoting Chris Shiflett <shiflett at php.net>:

> Was this reply meant for some other thread? If not, I'm very lost. :-)
> 
> --- Chris Snyder <csnyder at chxo.com> wrote:
> > Take a look at Pear's Crypt_Xtea package.
> > http://pear.php.net/package/Crypt_Xtea
> > 
> > TEA isn't the most trusted algo on the block, but it's probably better 
> > than obfuscation. If you're really serious about encrypting values, you 
> > need mcrypt (and some way to keep your encryption key secret).
> > 
> > csnyder
> > 
> > 
> > Jeff Siegel wrote:
> > 
> > > Thought this would be of interest. Jeff Knight told me about Firebird 
> > > (I'm running the Windows version) and one of the really cool 
> > > extensions allows you to view HTTP headers. Below is some sample
> > output.
> > >
> > > Jeff Siegel
> > >
> > >
> > > ====================================================
> > > SAMPLE OUTPUT FROM EXTENSION "LIVE HTTP HEADERS"
> > > ====================================================
> > >
> > > http://192.168.1.112/mrs/admin/login.php
> > >
> > > POST /mrs/admin/login.php HTTP/1.1
> > > Host: 192.168.1.112
> > > User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.5) 
> > > Gecko/20031007 Firebird/0.7
> > > Accept: 
> > >
> >
>
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,video/x-mng,image/png,image/jpeg,image/gif;q=0.2,*/*;q=0.1
> > 
> > >
> > > Accept-Language: en-us,en;q=0.5
> > > Accept-Encoding: gzip,deflate
> > > Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
> > > Keep-Alive: 300
> > > Connection: keep-alive
> > > Referer: http://192.168.1.112/mrs/admin/login.php
> > > Cookie: PHPSESSID=d637bd1942ff5262fe4a4a5d0ed443a8
> > > Content-Type: application/x-www-form-urlencoded
> > > Content-Length: 75
> > >
> >
> PHPSESSID=d637bd1942ff5262fe4a4a5d0ed443a8&usrname=&password=&Submit=Submit
> > 
> > >
> > >
> > >
> > > HTTP/1.x 200 OK
> > > Date: Sun, 31 Oct 2004 01:17:06 GMT
> > > Server: Apache/2.0.40 (Red Hat Linux)
> > > Accept-Ranges: bytes
> > > X-Powered-By: PHP/4.2.2
> > > Expires: Thu, 19 Nov 1981 08:52:00 GMT
> > > Cache-Control: no-store, no-cache, must-revalidate, post-check=0, 
> > > pre-check=0
> > > Pragma: no-cache
> > > Connection: close
> > > Transfer-Encoding: chunked
> > > Content-Type: text/html; charset=ISO-8859-1
> > > ----------------------------------------------------------
> 
> =====
> Chris Shiflett - http://shiflett.org/
> 
> PHP Security Handbook
>      Coming mid-2004
> HTTP Developer's Handbook
>      http://httphandbook.org/
> _______________________________________________
> talk mailing list
> talk at lists.nyphp.org
> http://lists.nyphp.org/mailman/listinfo/talk
> 
> 
> 






More information about the talk mailing list