Understanding how web applications work is crucial before learning API hacking, because APIs (Application Programming Interfaces) are an integral part of web applications.

A web application is a software program accessed through a web browser that provides interactive functionality and data processing capabilities, like Twitter, LinkedIn and Gmail. A website, on the other hand, consists of interconnected web pages primarily used for sharing information or providing static content.

URL 🔗

Example URL:

Protocol://hostname[:port number]/[Path]/[?parameter]
  1. Scheme/Protocol: Protocol:// specifies the protocol or scheme used for communication, for example https://, the secure variant of HTTP.
  2. Domain/Host: hostname indicates the domain name or host where the resource is located. It is the address of the server that hosts the resource.
  3. Port: [:port number] (optional) specifies the port number (a communication channel) through which the server communicates. It is often omitted for default port numbers (e.g., 80 for HTTP, 443 for HTTPS).
  4. Path: [Path] represents the specific location or path on the server where the desired resource is located. It helps identify the file or endpoint being accessed.
  5. Query Parameters: [?parameter] (optional) contains additional data appended to the URL. These parameters are used to pass information to the server, typically in the form of key-value pairs. Multiple parameters are separated by an ampersand (&).
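
The breakdown above, applied in code as an added example that is not part of the original article: it splits a URL into the five parts, fills in the default port when none is given, and keeps repeated query parameters. The function name `split_url` and the sample URLs are constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qsl

# Default ports implied when the URL omits [:port number].
DEFAULT_PORTS = {"http": 80, "https": 443}


def split_url(url):
    """Break an absolute URL into the five parts listed above."""
    parts = urlsplit(url)
    if not parts.scheme or not parts.hostname:
        raise ValueError(f"not an absolute URL: {url!r}")
    # parts.port is None when the URL carries no explicit port.
    explicit = parts.port is not None
    port = parts.port if explicit else DEFAULT_PORTS.get(parts.scheme)
    # Parameters are key=value pairs separated by '&'. A key may repeat,
    # so values are collected in a list instead of being overwritten.
    params = {}
    for key, value in parse_qsl(parts.query, keep_blank_values=True):
        params.setdefault(key, []).append(value)
    return {
        "scheme": parts.scheme,
        "host": parts.hostname,
        "port": port,
        "explicit_port": explicit,
        "path": parts.path or "/",  # an empty path means the server root
        "params": params,
    }


# Constructed sample URLs (example.com is a reserved documentation domain).
SAMPLES = [
    "https://example.com/api/users?id=42&role=admin",
    "http://example.com:8080/search?q=api%20testing&tag=a&tag=b",
    "https://example.com",
]

if __name__ == "__main__":
    for url in SAMPLES:
        print(url)
        for name, value in split_url(url).items():
            print(f"  {name}: {value}")
```

Percent-encoded values such as `api%20testing` are decoded by `parse_qsl`, so the parameter values shown are what the server-side code would receive.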

HTTP Request 🙏🏻

An HTTP request is a message sent by a client, typically a web browser, to a server in order to retrieve or manipulate resources. It is part of the Hypertext Transfer Protocol (HTTP), the protocol used for communication on the World Wide Web.

HTTP requests consist of several components, including:

POST /api/users HTTP/1.1
Host: example.com
Content-Type: application/json
Authorization: Bearer your-access-token

{
  "name": "John Doe",
  "email": "[email protected]",
  "password": "secretpassword"
}

In this example: