Monday 5 March 2012

Find the Secret Messages in Web Site Headers


This trick takes us to the unseen technical world beneath the surface of your favorite websites, and shows us how real geeks hide secret messages in the HTTP protocol headers. We’re talking Serious geek cred here.

Slashdot's Hidden Message
What Are You Talking About?
The thing you probably don’t realize is that behind the scenes, your web browser sends a request to the web server using the HTTP protocol, which is nothing more than a pre-defined set of commands in text format so the browser and web server can communicate.
…but that’s really boring. Which is why the geeks that run various web sites decided to hide messages in those headers just to see if anybody would notice. And some of them are rather fun.
How to See the Hidden Headers
There’s a number of ways to access these headers, the easiest for real geeks is to pop open the command prompt and use the curl utility, available on Linux, Mac OS X, or even Windows—if you don’t mind downloading an additional utility.
The other way to view them is with the Live HTTP Headers add-on for Firefox. 
If you are using the curl method, you can simply type in the following command (that’s a dash and capital i, not an L)
curl –I sitename.com
For instance, if you type in curl –I slashdot.org, you’ll see that they embed random quotes from Futurama into the headers:
The blogging platform WordPress uses the header for a useful purpose—they recommend contacting them about a job if you’ve been able to locate the headers:
curl –I wordpress.com
My buddy Ross over at SimpleHelp.net expresses his music taste in his header… by now I’m sure you can figure out the command.
Over at the Online Tech Tips site, they’ve got a very important tip for you:
The CybernetNews blog tells us that you should tape your thumbs to your hands. I mean, everyone is doing it!
Mattias Geniar wants everybody to know who rocks. Turns out, it’s him!
The Tux Games site is using subliminal advertising. BUY MORE GAMES!
Add a Hidden Message To Your Own Web Site
For those of you rocking a blog running on an Apache web server, and using a .htaccess file, you can actually add your own secret hidden message to your own HTTP headers.
Just open up your .htaccess file, and add the following line (near the beginning for best effect).
Header set X-Nerd “Something Here”
You can change whatever is after the X- to anything you want, like X-Yay or X-SecretStuff, and you can also put whatever message you want between the quotes—though I would keep it nice and short.
Added Bonus: Pull a Random Futurama Quote from Slashdot
So now we’ve figured out how to see the quotes—with a little more command-line magic you can make a script that pulls a random quote from the Slashdot servers. Yes, this script is pretty useless, but it’s fun!
curl -sI slashdot.org | grep -E “X-(B|L|F)”
There’s lots of other sites with hidden messages in the headers…

No comments: