Simple Python 3 server with header manipulations,
e.g. Set-Cookie, Origin, and Host in the current example.
Run the server:
python3 ./server-example-with-headers.py
-
Originheader is forged by client:$ curl localhost:8080 -H 'Origin: fadeevab.com' I believe this request is from fadeevab.com! Hello, world! -
Set-Cookieheader is returned:$ curl localhost:8080 -v .... < HTTP/1.0 200 OK < Server: BaseHTTP/0.6 Python/3.7.5 < Date: ... < Set-Cookie: auth=1234; Domain=sub.localhost-vis just to show headers
To experiment with subdomains on your local machine just modify /etc/hosts file (C:\\Windows\\System32\\Drivers\\etc\\hosts) like the following:
127.0.0.1 sub.localhost