Answers can be found at http://mdsec.net/wahh.
- What is the OPTIONS method used for?
- What are the if-Modified-since and If-None-Match headers used for? Why might you be interested in these when attacking an application?
- What is the significance of the secure flag when a server sets a cookie?
- What is the difference between the common status codes 301 and 302?
- How does a browser interoperate with a web proxy when SSL is being used?