The host header in a http request provides the host(the domain) and port information from the target URI . For example, a GET request to the origin server for<http://www.example.org/pub/WWW/> would begin with:
GET /pub/WWW/ HTTP/1.1
Host: www.example.orgThis is useful in case of
- Virtual hosting : single webserver hosts multiple web applications. all the domain names point to the same ip.
- reverse proxy : webapps may be hoted on distinct back end servers yet all domain names route to ip of the reverse proxy. In this case host header can be used for routing the request to the correct server. (The alternative to header would be path , eg https://example.com/s1 would route to different server and https://example.com/s2 would route to different server.
note that host is a forbidden header hence it cannot be programatically modified in browser. Read more here.https://developer.mozilla.org/en-US/docs/Glossary/Forbidden_header_name. However host header can be modified via hacks. Readm more https://stackoverflow.com/questions/21382813/how-can-i-modify-the-host-header. Also proy like burp proxy and intercept requests and then view , modify all requests and response. (proxy do not have browser restrictions obviously)