Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Display Filter Reference: Hypertext Transfer Protocol

Protocol field name: http

Versions: 1.0.0 to 4.2.4

Back to Display Filter Reference

Field name Description Type Versions
http.acceptAcceptCharacter string1.0.0 to 4.2.4
http.accept_encodingAccept EncodingCharacter string1.0.0 to 4.2.4
http.accept_languageAccept-LanguageCharacter string1.0.0 to 4.2.4
http.authbasicCredentialsCharacter string1.0.0 to 4.2.4
http.authcitrixCitrix AG AuthBoolean2.0.0 to 4.2.4
http.authcitrix.domainCitrix AG DomainCharacter string2.0.0 to 4.2.4
http.authcitrix.passwordCitrix AG PasswordCharacter string2.0.0 to 4.2.4
http.authcitrix.sessionCitrix AG Session IDCharacter string2.0.0 to 4.2.4
http.authcitrix.userCitrix AG UsernameCharacter string2.0.0 to 4.2.4
http.authorizationAuthorizationCharacter string1.0.0 to 4.2.4
http.bad_header_nameIllegal characters found in header nameLabel3.0.0 to 4.2.4
http.body.fragmentHTTP Chunked Body fragmentFrame number4.2.0 to 4.2.4
http.body.fragment.countHTTP Chunked Body fragment countUnsigned integer (32 bits)4.2.0 to 4.2.4
http.body.fragment.errorHTTP Chunked Body defragment errorFrame number4.2.0 to 4.2.4
http.body.fragment.multiple_tailsHTTP Chunked Body has multiple tail fragmentsBoolean4.2.0 to 4.2.4
http.body.fragment.overlapHTTP Chunked Body fragment overlapBoolean4.2.0 to 4.2.4
http.body.fragment.overlap.conflictsHTTP Chunked Body fragment overlapping with conflicting dataBoolean4.2.0 to 4.2.4
http.body.fragment.too_long_fragmentHTTP Chunked Body fragment too longBoolean4.2.0 to 4.2.4
http.body.fragmentsReassembled HTTP Chunked Body fragmentsLabel4.2.0 to 4.2.4
http.body.reassembled.dataReassembled dataByte sequence4.2.0 to 4.2.4
http.body.reassembled.inReassembled inFrame number4.2.0 to 4.2.4
http.body.reassembled.lengthReassembled lengthUnsigned integer (32 bits)4.2.0 to 4.2.4
http.body.segmentHTTP Chunked Body segmentByte sequence4.2.0 to 4.2.4
http.cache_controlCache-ControlCharacter string1.0.0 to 4.2.4
http.chatFormatted textLabel1.12.0 to 4.2.4
http.chunk_boundaryChunk boundaryByte sequence2.0.0 to 4.2.4
http.chunk_dataChunk dataByte sequence3.6.7 to 4.2.4
http.chunk_sizeChunk sizeUnsigned integer (32 bits)2.0.0 to 4.2.4
http.chunkd_and_lengthExpert InfoLabel1.12.0 to 2.0.16
http.chunked_trailer_parttrailer-partCharacter string1.12.4 to 4.2.4
http.connectionConnectionCharacter string1.0.0 to 4.2.4
http.content_encodingContent-EncodingCharacter string1.0.0 to 4.2.4
http.content_lengthContent lengthUnsigned integer (64 bits)1.0.0 to 4.2.4
http.content_length_headerContent-LengthCharacter string1.0.5 to 4.2.4
http.content_rangeContent-RangeCharacter string4.2.0 to 4.2.4
http.content_typeContent-TypeCharacter string1.0.0 to 4.2.4
http.cookieCookieCharacter string1.0.0 to 4.2.4
http.cookie_pairCookie pairCharacter string1.12.0 to 4.2.4
http.dateDateCharacter string1.0.0 to 4.2.4
http.decompression_disabledDecompression disabledLabel3.6.0 to 4.2.4
http.decompression_failedDecompression failedLabel3.6.0 to 4.2.4
http.excess_dataExcess data after a body (not a new request/response), previous Content-Length bogus?Label4.2.0 to 4.2.4
http.file_dataFile DataByte sequence2.2.0 to 4.2.4
http.hostHostCharacter string1.0.0 to 4.2.4
http.http2_settingsHTTP2-SettingsCharacter string3.6.0 to 4.2.4
http.http2_settings_uriHTTP2 Settings URIByte sequence3.6.0 to 4.2.4
http.last_modifiedLast-ModifiedCharacter string1.0.0 to 4.2.4
http.leading_crlfLeading CRLF previous message in the stream may have extra CRLFLabel2.0.0 to 4.2.4
http.locationLocationCharacter string1.0.0 to 4.2.4
http.next_request_inNext request in frameFrame number1.10.0 to 4.2.4
http.next_response_inNext response in frameFrame number1.10.0 to 4.2.4
http.notificationNotificationBoolean1.0.0 to 4.2.4
http.path_segmentPath segmentCharacter string4.0.0 to 4.0.14
http.path_sub_segmentPath sub segmentCharacter string4.0.0 to 4.0.14
http.prev_request_inPrev request in frameFrame number1.10.0 to 4.2.4
http.prev_response_inPrev response in frameFrame number1.10.0 to 4.2.4
http.proxy_authenticateProxy-AuthenticateCharacter string1.0.0 to 4.2.4
http.proxy_authorizationProxy-AuthorizationCharacter string1.0.0 to 4.2.4
http.proxy_connect_hostProxy-Connect-HostnameCharacter string1.0.0 to 4.2.4
http.proxy_connect_portProxy-Connect-PortUnsigned integer (16 bits)1.0.0 to 4.2.4
http.rangeRangeCharacter string4.2.0 to 4.2.4
http.refererRefererCharacter string1.0.0 to 4.2.4
http.requestRequestBoolean1.0.0 to 4.2.4
http.request.full_uriFull request URICharacter string1.6.0 to 4.2.4
http.request.lineRequest lineCharacter string1.12.0 to 4.2.4
http.request.methodRequest MethodCharacter string1.0.0 to 4.2.4
http.request.uriRequest URICharacter string1.0.0 to 4.2.4
http.request.uri.pathRequest URI PathCharacter string2.2.0 to 4.2.4
http.request.uri.path.segmentRequest URI Path SegmentCharacter string4.2.0 to 4.2.4
http.request.uri.queryRequest URI QueryCharacter string2.2.0 to 4.2.4
http.request.uri.query.parameterRequest URI Query ParameterCharacter string2.2.0 to 4.2.4
http.request.versionRequest VersionCharacter string1.0.0 to 4.2.4
http.request_inRequest in frameFrame number1.10.0 to 4.2.4
http.request_numberRequest numberUnsigned integer (32 bits)2.0.0 to 4.2.4
http.responseResponseBoolean1.0.0 to 4.2.4
http.response.codeStatus CodeUnsigned integer (24 bits)1.0.0 to 4.2.4
http.response.code.descStatus Code DescriptionCharacter string2.4.0 to 4.2.4
http.response.lineResponse lineCharacter string1.12.0 to 4.2.4
http.response.phraseResponse PhraseCharacter string1.6.0 to 4.2.4
http.response.versionResponse VersionCharacter string2.6.0 to 4.2.4
http.response_for.uriRequest URICharacter string2.6.7 to 4.2.4
http.response_inResponse in frameFrame number1.10.0 to 4.2.4
http.response_numberResponse numberUnsigned integer (32 bits)2.0.0 to 4.2.4
http.sec_websocket_acceptSec-WebSocket-AcceptCharacter string1.8.0 to 4.2.4
http.sec_websocket_extensionsSec-WebSocket-ExtensionsCharacter string1.8.0 to 4.2.4
http.sec_websocket_keySec-WebSocket-KeyCharacter string1.8.0 to 4.2.4
http.sec_websocket_protocolSec-WebSocket-ProtocolCharacter string1.8.0 to 4.2.4
http.sec_websocket_versionSec-WebSocket-VersionCharacter string1.8.0 to 4.2.4
http.serverServerCharacter string1.0.0 to 4.2.4
http.ssl_portUnencrypted HTTP protocol detected over encrypted port, could indicate a dangerous misconfiguration.Label2.0.0 to 2.6.20
http.subdissector_failedHTTP body subdissector failed, trying heuristic subdissectorLabel1.12.0 to 4.2.4
http.te_and_lengthThe Content-Length and Transfer-Encoding header must not be set togetherLabel2.2.0 to 4.2.4
http.te_unknownUnknown transfer coding name in Transfer-Encoding headerLabel2.2.0 to 4.2.4
http.timeTime since requestTime offset1.10.0 to 4.2.4
http.tls_portUnencrypted HTTP protocol detected over encrypted port, could indicate a dangerous misconfiguration.Label3.0.0 to 4.2.4
http.transfer_encodingTransfer-EncodingCharacter string1.0.0 to 4.2.4
http.unknown_headerUnknown headerCharacter string2.0.0 to 4.2.4
http.upgradeUpgradeCharacter string1.8.0 to 4.2.4
http.user_agentUser-AgentCharacter string1.0.0 to 4.2.4
http.www_authenticateWWW-AuthenticateCharacter string1.0.0 to 4.2.4
http.x_forwarded_forX-Forwarded-ForCharacter string1.0.0 to 4.2.4

Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube