

Show Me the Headers - traviskuhl
http://showmetheheaders.com/

======
raesene
Of course they should probably escape any headers they get from the sites they
pull the data from to avoid Cross-Site Scripting :)
<http://showmetheheaders.com/?q=www.mccune.org.uk>

~~~
traviskuhl
good catch. thanks! should have proper filtering now. that's what i get for
writing code at 2am and not properly reviewing.

------
qw
Rick Roll:

<http://showmetheheaders.com/?q=vg.no>

    
    
        * X-VG-WebServer: leon
        * X-VG-WebCache: fritz
        * X-Rick-Would-Never: Never Gonna Give You Up
        * X-VG-Korken: http://www.youtube.com/watch?v=Fcj8CnD5188
        * X-Cache: HIT
        * X-Cache-Hits: 214
        * X-Age: 187

------
wwortiz
Looks like they do it with javascript + YUI which is pretty cool:
<http://showmetheheaders.com/static/showme.js>

You can do it with curl too for all those who don't know

    
    
        curl -I example.com
    

works with multiple domains as well

------
bl4k
you should send a user agent that makes it look like a real browser. for eg.
Microsoft.com responses are different based on user agent, which is why they
do the redirect. Here is Microsoft.com from Chrome (it is diff again for IE
6/7/8 etc.), you get a lot more information:

    
    
      Cache-Control:public
     Content-Encoding:gzip
     Content-Length:23262
     Content-Type:text/html; charset=utf-8
     Date:Fri, 23 Jul 2010 07:27:32 GMT
     ETag:634154400660000000
     Expires:Fri, 23 Jul 2010 07:37:32 GMT
     Last-Modified:Fri, 23 Jul 2010 07:01:06 GMT
     P3P:CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD  TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
     Server:Microsoft-IIS/7.5
     VTag:438638311400000000
     Vary:Accept-Encoding
     X-AspNet-Version:4.0.30319
     X-Powered-By:ASP.NET

------
nod
Is anyone else surprised that microsoft.com still has "emulate IE7" turned on?

------
tryke
slashdot.org gives you fortune output in an "X-Fry" header, much like the site
itself.

EDIT: on second look, they're Futurama quotes. That explains why "X-Fry"
changed to "X-Bender" when I went back!

------
stuff4ben
TechCrunch is fun...

    
    
      # X-hacker If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.

~~~
thehodge
I'm guess thats because Techcrunch is hosted using wordpress.com's VIP service
and that's wordpress.org/com's header

------
roachsocal
This is fun.

