Security and Programming Paradigms > HTTP stuff > Flashcards

HTTP stuff Flashcards

(12 cards)

Study These Flashcards
1
Q

HTTP Primer

A
  • Hypertext transfer protocol: primary protocol for transmission of data over the internet
  • Data is exchanged between clients and servers in the form of Hypertext documents.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

HTTP Headers

A

An HTTP header is a field of an HTTP request or response that passes additional context and metadata
about the request or response.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

HTTP Request Headers

A

A request header is an HTTP header that can be used in an HTTP request to provide information about the
request context, so that the server can tailor the response.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

HTTP Fetch Metadata Request Headers

A

*Fetch metadata request headers provide information about the context from which the request originated.
*This allows a server to make decisions about whether a request should be allowed based on where the request came from and how the resource will be used.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

HTTP Response Headers

A

A response header is an HTTP header used to give a more detailed context of the response.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

HTTP Security Headers

A

One of the easiest ways to secure a web application against common web security vulnerabilities is to
include HTTP security headers.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Adding Default HTP Security Headers

A
  • Can be done by using the Talisman package
  • Talisman class includes almost all the important security headers by default
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Default HTTP Security headers

A
  • Permissions-Policy: interest-cohort=()
  • X-Frame-Options: SAMEORIGIN
  • X-XSS-Protection: 1; mode=block
  • X-Content-Type-Options: nosniff
  • Content-Security-Policy: default-src ‘self’; object-src ‘none’
  • Strict-Transport-Security: max-age=31556926; includeSubDomains
  • Referrer-Policy: strict-origin-when-cross-origin
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

TLS and it’s properties

A

Transport layer security, Any web application using HTTPS is therefore employing TLS encryption.

Properties:
Encryption - Hides data from third parties
Integrity - verifies data has not been forged or tampered with
Authentication - ensures that the parties exchanging information are who they claim to be

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

How does TLS Work

A
  1. (C-S) Client Hello
  2. (S-C) Server Hello - including certificate
  3. (S-C) Client certificate request
  4. (C-S) Client Certificate
  5. (C-S) Client sends key info
  6. (C-S) Certificate verify
    7.(C-S) Finished messaged
    8.(S-C) Finished message
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Digital signatures

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q
A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
Security and Programming Paradigms
flashcards
Decks in class (16)
# Cards
Brainscape helps you reach your goals faster, through stronger study habits.
© 2026 Bold Learning Solutions. Terms and Conditions