Declaration: the following content is arranged in the network article
A cause.
Before the interview, the interviewer asked almost no other problems, the whole interview, into the knowledge of the deal, due to the oneself is not very well prepared in this respect and answer is not very good, so back combining interview, check a lot of information, carefully look at the HTTP protocol, if write bad place, leave a message said.
2.HTTP Overview:
HyperText Transfer Protocol (HTTP) is short for HyperText Transfer Protocol. HTTP is a standard for client end (user) and server end (web site) requests and responses. Typically, an HTTP client initiates a request to create a TCP connection to a specified port on the server (default: port 80). The HTTP server listens for client requests on that port. Once a request is received, the server returns a status to the client, such as “HTTP/1.1 200 OK”, along with what is returned, such as the requested file, error message, or other information.
Three.HTTP features:
- Client and server modes are supported
- Simple and fast: When a client requests a service from the server, it only needs to send the request method and path. Because HTTP protocol is simple, the communication speed is relatively fast
- Flexibility: HTTP allows the transfer of any type of data object. The Type being transferred is marked by content-Type
- None connection: The server processes only one request at a time. After the server processes the request and receives the reply from the user, the server disconnects from the client, saving the transmission time
- Stateless: Stateless means that the protocol has no memory for processing things. The communication state between the request and response is not saved. The lack of state means that if the previous information is required for subsequent processing, it must be retransmitted. Stateless protocol solutions: 1
4. The TCP/IP
TCP/IP (Transmission Control Protocol/Internet Protocol) is a Protocol cluster that transfers information between multiple networks. TCP/IP is not only TCP and IP, but a protocol cluster consisting of FTP, SMTP, TCP, UDP, and IP. It is called TCP/IP because TCP and IP are the most representative of TCP/IP.
5.TCP/IP reference model
Application layer: Responsible for handling specific application details. Simple network management SNMP protocol, simple Network transfer SMTP, domain name resolution DNS, file download FTP protocol, remote assistance, Telnet protocol, hypertext transfer HTTP and so on.
Transport layer: Provides end-to-end communication for applications running on two hosts. TCP and UDP
Network layer: Handles the activities of groups in the network, such as route selection for groups. IP protocol etc.
Network interface layer: includes device drivers in the operating system and corresponding network interface cards in the computer
The difference between HTTP and HTTPS
Summary:
HTTP data is unencrypted, that is, plaintext, and can be captured using packet capture tools. HTTPS encrypts HTTP data using the Secure Sockets Layer (SSL) protocol designed by Netscape. SSL relies on certificates to verify the identity of the server and to encrypt communication between the browser and the server. Packet capture tools capture ciphertext, greatly increasing the cost of man-in-the-middle attacks. To put it simply, HTTPS is a network protocol that uses SSL and HTTP to encrypt transmission and authenticate identities. It is more secure than HTTP
Main differences:
- A URL for HTTP
http://Port 80 is used by default and the HTTPS URL is used byhttps://Port 443 starts and is used by default - HTTP is a hypertext transmission protocol, and information is transmitted in plain text. HTTPS is a secure SSL encryption transmission protocol
- HTTP connections are simple and stateless. HTTPS is a network protocol constructed using SSL and HTTP to encrypt transmission and authenticate identity. HTTPS is more secure than HTTP
HTTP1.0 differs from HTTP2.0
HTTP 2.0 has greatly improved web performance compared to HTTP 1.x
1. Multiplexing
Multiplexing allows multiple request-response messages to be sent simultaneously over a single HTTP2.0 connection, whereas in HTTP1.0 the browser client had a limited number of requests for the same domain name at the same time. HTTP2.0 can easily implement multi-stream parallelism without relying on establishing multiple TCP connections. HTTP2.0 reduces the basic unit of HTTP communication to frames that correspond to messages in a logical flow. Messages are exchanged bidirectionally over the same TCP connection in parallel.
2. Binary frame division
HTTP2.0 adds a binary framing layer between the application layer (HTTP2.0) and the transport layer (TCP/UDP). In the binary framing layer, HTTP2.0 divides all information into smaller messages and frames and encodes them in binary format
HTTP2.0 communication is all done over a single connection that can host any number of two-way data streams.
In the past, the key to HTTP performance optimization was not high bandwidth, but low latency. TCP connections “tune” themselves over time, limiting the maximum speed of the connection at first and increasing the speed of the transfer over time if the data is successfully transferred. This tuning is called TCP slow start. For this reason, HTTP connections that are inherently abrupt and short become very inefficient. HTTP/2 enables more efficient use of TCP connections by having all data flows share the same connection, allowing high bandwidth to truly serve HTTP’s performance gains.
3. Front compression
HTTP/1.1 does not support HTTP header compression, which is why SPDY uses the generic DEFLATE algorithm and HTTP/2 uses the HPACK algorithm designed specifically for header compression.
4. Server push
Server push is a mechanism for sending data before the client requests it. In HTTP/2, the server can send multiple responses to a single request from the client. Server push makes http1.x era optimizations using embedded resources meaningless; If a request is made from your home page, the server will probably respond with the home page content, logo, and style sheet because it knows the client will use those things. This is like having all the resources in one HTML document, but compared to that, server push has another big advantage: it can be cached! It also makes it possible to share cached resources between different pages while following homology.
8. Composition of URL
Protocol + host name + path + Parameter
9. HTTP requests
HTTP request packets are divided into three parts: request line, request header, and request body
1. The request
The request line consists of three aspects: request method, request address, and protocol version
The HTTP/1.1 protocol defines eight methods (also known as “actions”) to manipulate a given resource in different ways
| The method name | function |
|---|---|
| GET | The GET method should only be used to read data when making “display” requests to specified resources, and should not be used for “side effects” operations |
| POST | Specify the resource to submit data and request the server to process it (for example, submit a form or upload a file). The data is contained in the request text. This request may create a new resource or modify an existing resource, or both. |
| PUT | Uploads its latest content to the specified resource location |
| DELETE | Requests the server to remove the resource identified by request-URI |
| OPTIONS | Causes the server to return all HTTP request methods supported by the resource. with*Instead of the resource name, send an OPTIONS request to the Web server to test whether the server functions properly |
| HEAD | Like the GET method, a request is made to the server for a specified resource, except that the server does not return the text portion of the resource. The advantage of this method is that you can retrieve information about the resource (raw information, or metadata) without having to transmit the entire content |
| TRACE | Displays requests received by the server, mainly for testing or diagnostics |
| CONNECT | Reserved in HTTP/1.1 for proxy servers that can change connections to channel mode. Typically used for links to SSL encrypted servers (via an unencrypted HTTP proxy server) |
Here are the differences between GET and POST:
- GET: Generally used to GET information, pass parameters using URL and visible, pass parameters are limited
- POST: Generally used to submit data. Parameters are invisible and the number of parameters transmitted is unlimited
Note:
- In terms of security, get and POST are the same, and neither is more secure
Get Request parameters are exposed in the URL, and POST Request parameters are exposed in the Request body. F12 is also exposed, so there is no security
- There is one important difference between GET and POST. To put it simply:
GET generates a TCP packet; POST generates two TCP packets
The reason is:
For GET requests, the browser sends both HTTP headers and data, and the server responds with 200.
For POST, the browser sends a header, the server responds with 100 continue, the browser sends data, and the server responds with 200 OK.
When a POST request is used:
Cache files cannot be used (updating files or databases on the server), GET can request cache, POST cannot
Sending large amounts of data to the server (POST has no data limit)
POST is more stable and reliable than GET when sending user input that contains unknown characters
2. Request header
The request header can be used to pass some additional information in the format: key: value, note that there is a space after the colon:
Common request headers
| The name of the | role |
|---|---|
| Authorization | Set the identity authentication information |
| User-Agent | User id, such as OS and browser type and version |
| If-Modified-Since | The value is returned by the previous serverLast-ModifiedValue to determine if a resource has been changed and read from the cache if it has not been changed |
| If-None-Match | The value is the ETag value returned by the server last timeIf-Modified-Since |
| Cookie | The existing cookies |
| Referer | Identify the address from which the request is referenced, such as the address of page A when you jump from page A to page B |
| Host | The requested host and port number |
Common headers for requests and responses
| The name of the | role |
|---|---|
| Content-Type | Type of the request body or response body, for example, Text /plain or Application/JSON |
| Accept | Description received type, can be multiple values, with.(English comma) separate |
| Content-length | The length of the request/response body, in bytes |
| Content-Encoding | The encoding format of the request/response body, such as Gzip and Deflate |
| Accept-Encoding | Tell them the content-encoding we accept |
| ETag | Identifies the current resource, andLast-Modified,If-None-Match,If-Modified-SinceFor cache control |
| Cache-Control | Generally, the value isno-cache,max-age=xx, xx is an integer, indicating the resource cache validity period (seconds) |
3. Request body
The request body (also called the request body) is a request parameter in the POST request mode. It is stored in the form of key = value, and multiple request parameters are connected with &. If the request body is in the request, the Content-Length attribute in the request header records the Length of the request body
10. The HTTP response
HTTP response packets are divided into three parts: response status line, response header, and response body
1. Response status line
| Status code | Corresponding information |
|---|---|
| 1XX | Info – The request is received and processing continues |
| 2XX | Indicates that the request has been successfully received, understood, or received |
| 3XX | Used to indicate that resources (web pages, etc.) are permanently transferred to another URL, also known as redirects |
| 4XX | Client error – The request has a syntax error or the request cannot be implemented |
| 5XX | Server side error – The server failed to fulfill a valid request |
Common status code
2 xx success
- 200 OK: indicates that the request from the client is processed correctly on the server
- 204 No content: Indicates that the request is successful, but the response packet does not contain the body of the entity
- 206 Partial Content for a range request
3 xx redirection
- 301 Moved permanently, permanently redirects: indicates that the resource has been assigned a new URL
- 302 Found, temporary redirection, indicating that the resource was temporarily assigned a new URL
- 303 See Other: indicates that another URL exists for the resource. Use GET to obtain the resource
- 304 Not Modified: indicates that the server allows access to the resource but the request condition is not met
- 307 Temporary redirect Is the same as 302
4XX Client error
- 400 Bad Request: Syntax errors exist in the request packet
- 401 Unauthorized: The request to be sent requires authentication information that is authenticated through HTTP
- 403 Forbidden: Access to requested resources is denied by the server
- 404 not found: No requested resource was found on the server
5XX Server error
- 500 Internal sever error: an error occurred when the server executed the request
- 503 Service Unavailable: The server is temporarily overloaded or is being stopped for maintenance and cannot process requests
2. The response headers
The response header can also be used to pass some additional information
Common response headers
| The name of the | role |
|---|---|
| Date | Date of the server |
| Last-Modified | The time when the resource was last modified |
| Transfer-Encoding | The value is generally chunked. When content-Length is not specified, it indicates that the server does not know the data size of the response boardContent-EncodingResponse headers |
| Set-Cookie | Set the Cookie |
| Location | Redirect to another URL, such as enter browser, enter Baidu.com and press enter, it will automatically redirect to [www.baidu.com] is controlled by this response header |
| Server | Background server |
3. The response body
The response body is the body Content of the web page. Content-length is usually used in the response header to specify the Length of the response body, which is easy for the browser to receive.
Chunked encoding is also used for large amounts of text messages.
11. Browser input URL press enter behind what experience
1. First, enter the URL in the address bar of the browser and parse the URL to check whether the URL is valid
2, the browser first check the browser cache – system cache – router cache, if there is in the cache, it will directly display the page content on the screen. If not, then
Skip to step 3.
Browser cache: The browser keeps DNS records for some time, so it is only the first place to resolve DNS requests;
Operating system cache: If this record is not included in the browser cache, it causes the system to call the operating system to get the operating system’s record (saving the most recent
DNS query cache);
Router cache: If the preceding two steps fail to obtain DNS records, continue to search the router cache.
ISP cache: If all the preceding parameters fail, continue to search for the ISP.
3. Before sending an HTTP request, domain name resolution (DNS resolution) is required to obtain the corresponding IP address.
4. The browser initiates a TCP connection to the server and establishes a TCP three-way handshake with the browser.
5. After the handshake succeeds, the browser sends an HTTP request to the server for data packets.
6. The server processes the received request and returns the data to the browser
7. The browser receives an HTTP response
8. The browser decodes the response, and if it can be cached, stores it in the cache.
9. The browser sends a request to retrieve the resources embedded in HTML (HTML, CSS, javascript, images, music…). For unknown types, a dialog box will pop up.
10. The browser sends asynchronous requests.
11. The page is completely rendered.