Synopsys Software Integrity Group is now operating as Black Duck Software, Inc., a subsidiary of Synopsys. Click to learn more.

close search bar

Sorry, not available in this language yet

close language selection
HTTP Client Suite Data Sheet
Test Suite:
HTTP Client Suite
Direction:
Client

Hypertext Transfer Protocol (HTTP) is an application-level protocol for distributed, collaborative, hypermedia information systems. This test suite can be used to test HTTP Client implementations for security flaws and robustness problems.

Used specifications

Specification
Title
RFC850

Standard for Interchange of USENET Messages

RFC1123

Requirements for Internet Hosts - Application and Support

RFC1808

Relative Uniform Resource Locators

RFC1945

Hypertext Transfer Protocol -- HTTP/1.0

RFC2068

Hypertext Transfer Protocol -- HTTP/1.1

RFC2109

HTTP State Management Mechanism

RFC2396

Uniform Resource Identifiers (URI): Generic Syntax

RFC2616

Hypertext Transfer Protocol -- HTTP/1.1

RFC2617

HTTP Authentication: Basic and Digest Access Authentication

RFC2743

Generic Security Service Application Program Interface Version 2, Update 1

RFC2965

HTTP State Management Mechanism

RFC3986

Uniform Resource Identifier (URI): Generic Syntax

RFC4178

The Simple and Protected Generic Security Service Application Program Interface (GSS-API) Negotiation Mechanism

RFC5322

Internet Message Format

RFC5861

HTTP Cache-Control Extensions for Stale Content

RFC5987

Character Set and Language Encoding for Hypertext Transfer Protocol (HTTP) Header Field Parameters

RFC5988

Web Linking

RFC6266

Use of the Content-Disposition Header Field in the Hypertext Transfer Protocol (HTTP)

RFC7230

Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing

RFC7231

Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content

RFC7232

Hypertext Transfer Protocol (HTTP/1.1): Conditional Requests

RFC7233

Hypertext Transfer Protocol (HTTP/1.1): Caching

RFC7234

Hypertext Transfer Protocol (HTTP/1.1): Range Requests

RFC7235

Hypertext Transfer Protocol (HTTP/1.1): Authentication

RFC7615

HTTP Authentication-Info and Proxy-Authentication-Info Response Header Fields

RFC7616

HTTP Digest Access Authentication

RFC7617

The 'Basic' HTTP Authentication Scheme

draft-hixie-thewebsocketprotocol-35

The Web Socket protocol

MS-NLMP

NT LAN Manager (NTLM) Authentication Protocol Specification

MS-SPNG

Simple and Protected Generic Security Service Application Program Interface Negotiation Mechanism (SPNEGO) Protocol Extensions

Tool-specific information

Tested messages
Notes
Specifications
101 - Switching Protocols
RFC2616
200 - OK
RFC2616
301 - Moved Permanently
RFC2616
401 - Unauthorized
RFC2616
407 - Proxy Authentication Required
RFC2616
503 - Service Unavailable
RFC2616
The Web Socket Handshake
draft-hixie-thewebsocketprotocol-35
Test tool general features
  • Fully automated black-box negative testing
  • Ready-made test cases
  • Written in Java(tm)
  • GUI command line remote interface modes
  • Instrumentation (health-check) capability
  • Support and maintenance
  • Comprehensive user documentation
  • Results reporting and analysis