Synopsys Completes Acquisition of WhiteHat Security Learn More

close search bar

Sorry, not available in this language yet

close language selection
HTTP2 Server Test Suite Data Sheet
Test Suite:
HTTP2 Server Test Suite
Direction:
Server

Hypertext Transfer Protocol 2 (HTTP2) is an application-level protocol for distributed, collaborative, hypermedia information systems. This test suite can be used to test HTTP2 Server implementations for security flaws and robustness problems. HTTP2 is successor of HTTP. HTTP2 has similar headers like in HTTP/1.1 but headers have binary packing and values can be Huffman encoded. Biggest changes in HTTP2 compared to HTTP/1.1 is that protocol is binary instead of ASCII and supports multiple streams.

Used specifications

Specification
Title
Notes
RFC2068
Hypertext Transfer Protocol -- HTTP/1.1
Only Link header
RFC2617
HTTP Authentication: Basic and Digest Access Authentication
RFC3986
Uniform Resource Identifier (URI): Generic Syntax
RFC5322
Internet Message Format
FROM header mailbox specification only.
RFC5646
Tags for Identifying Languages
RFC5789
PATCH Method for HTTP
RFC5987
Character Set and Language Encoding for Hypertext Transfer Protocol (HTTP) Header Field Parameters
RFC6265
HTTP State Management Mechanism
Anomalization only
RFC6266
Use of the Content-Disposition Header Field in the Hypertext Transfer Protocol (HTTP)
Anomalization only
RFC6797
HTTP Strict Transport Security (HSTS)
Anomalization only
RFC6874
Representing IPv6 Zone Identifiers in Address Literals and Uniform Resource Identifiers
RFC7230
Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing
RFC7231
Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content
RFC7232
Hypertext Transfer Protocol (HTTP/1.1): Conditional Requests
RFC7233
Hypertext Transfer Protocol (HTTP/1.1): Caching
RFC7234
Hypertext Transfer Protocol (HTTP/1.1): Range Requests
RFC7235
Hypertext Transfer Protocol (HTTP/1.1): Authentication
RFC7540
Hypertext Transfer Protocol Version 2 (HTTP/22)
RFC7541
HPACK: Header Compression for HTTP/2
An HTTP/2 Extension for Bidirectional Message Communication
draft-xie-bidirectional-messaging-02

Tool-specific information

Feature
Description
Headers
RFC7540
Settings
RFC7540
Data
RFC7540
Ping
RFC7540
Priority
RFC7540
Window Update
RFC7540
Push Promise
RFC7540
Go Away
RFC7540
Reset Stream
RFC7540
Continuation
RFC7540
XHEADERS
draft-xie-bidirectional-messaging-02

Supported SafeGuard Checks

Information leakage

Remote execution

Test tool general features
  • Fully automated black-box negative testing
  • Ready-made test cases
  • Written in Java(tm)
  • GUI command line remote interface modes
  • Instrumentation (health-check) capability
  • Support and maintenance
  • Comprehensive user documentation
  • Results reporting and analysis