I am aware of apache web server, i can host web pages.
how to create a http page(server) that would handle http post requests and respond to those requests.
If you just want something simple, try node.js
You can write the server code in javascript. Otherwise, you can just use PHP or another scripting language with Apache web server, just make sure you enable the PHP module (or whichever module you need)
Related
Is it possible to create a HTTP POST that posts to the PHP script that is hosted on a separate unauthenticated FTP server?
No.
POST is an HTTP method, and HTTP requests have a specific protocol structure. FTP, being an entirely different protocol, has an entirely different structure.
FTP servers don't understand HTTP requests, and HTTP servers don't understand FTP requests. (One "server" can handle both, and in such a case would be acting as two distinct services from the perspective of any consuming client.)
If the target page is hosted as a file on an FTP server, then there is no HTTP endpoint to receive the request. There's just a file.
FiddlerCore seems to have a ton of functionality around managing http requests including parsing headers, parsing and decoding body content, searching for content within a request, etc. Additionally there's the functionality to replay captured requests.
I'd like to use these features on requests that my web application receives directly, for example via an ASP.NET MVC or Web API controller.
In this scenario, I am am natively capturing the request, so I don't need or want FiddlerCore's proxy functionality. I just want to use the bits of FiddlerCore that manage and manipulate requests.
Can I use the above functionality of FiddlerCore and not enable a proxy?
It sounds like you're asking "How do I run FiddlerCore as a reverse proxy?"
Move the target service to a different port (e.g. 81 instead of 80)
Call FiddlerApplication.Startup with the original service port (e.g. 80)
In your FiddlerCore application's BeforeRequest handler, rewrite the port of inbound requests to point to the target port (e.g. 81).
Seems most web server support subrequest.
I found here's one question about sub request:
Subrequest for PHP-CGI
But what is the point of sub request at all,when is that kind of thing really useful?
Is it defined in http protocol?
Apache subrequests can be used in your e.g. PHP application with virtual() to access resources from the same server. The resource gets processed from Apache normally as normal requests are, but you don't have the overhead of sending a full HTTP request on the network interface.
Less overhead is probably the only reason one would want to use it instead of a real HTTP request.
Edit: The resources are processed by apache, which means that the apache modules are used if configured. You can request a mod_perl or mod_ruby processed resource from PHP.
I have a running HTTP web application and I am facing problems to make it run over HTTPS.
I am thinking of bringing some HTTPS Proxy that accepts user requests and forward it to the HTTP web app.
What do you think of that? and How can I accomplish that?
Setting up stunnel is a no-brainer - and its available for Unix/Linux/Posix/MSWindows (you might have mentioned what OS you are using).
(Also you can run the program to encrypt or decrpyt, at the server or at the client side)
It's possible to run Apache Httpd (for example) using HTTPS and use mod_proxy_http as a reverse proxy to forward the requests to your existing HTTP server. Of course, for this to be of any use, you'd need the reverse proxy and the target server to be connected in such a way that connections cannot be sniffed or altered.
You may find that the existing server needs certain extra settings for it to be aware it's using HTTPS (for example, special Valves in Apache Tomcat to set the HTTPS flag to true).
Apache httpd reverse-proxy?
We have some legacy ASP.NET code that detects if a request is secure, and redirects to the https version of the page if required.
This code uses Request.ServerVariables["SERVER_PORT_SECURE"] to detect if SSL is needed.
Our operations team has suggested doing proxy SSL at the load balancer (F5 Big-IP) instead of on the web servers (assume for the purposes of this question that this is a requirement).
The consequence would be that all requests appear as HTTP to the web server.
My question: how can we let the web servers known that the incoming connection was secure before it hit the load balancer? Can we continue to use Request.ServerVariables["SERVER_PORT_SECURE"]?
Do you know of a load balancer config that will send headers so that no application code changes are needed?
Use an iRule to effectively add a custom element to the HTTP header and then detect it in the ASP.NET code via Request.Headers. Dig into the collection of the Request.Headers object as well as your F5 hardware may already be marking itself on one of the HTTP Headers anyway.