HTTP protocol details
HyperText Transfer Protocol (HTTP) HyperText Transfer Protocol. It was originally designed to provide a way to publish and receive HTML pages. HTTP is a standard for requests and responses between clients (users) and servers.
- By the user
The Web browserorOther Software ToolstoSpecify the specified port of the server (default port 80)Make an HTTP request. Request to obtain some resources stored on the server, such as: HTML files, images, documents, etc. The HTTP serverIn theSpecify port (default port 80)Listen for client requests. Once a client request is received, the server returns a status to the client, such asHTTP / 1.1 200 OK; And return the requested content, such as files, pictures, etc. Or an error message corresponding to the request.
HTTP request
An HTTP request consists of three parts: the request line, request-header, and request-body
1.1. Request Line
Request line format: Method request-uri HTTP-version CRLF Request line example: GET /form. HTML HTTP/1.1 /r/ N
Methods The HTTP/1.1 protocol defines eight methods to manipulate a given resource in different ways:
| Method | Method statement |
|---|---|
| GET | Requests the resource identified by request-URI |
| POST | Submit data to a specified resource, asking the server to process it (for example, submit a form or upload a file) |
| HEAD | Request a response message header for the resource identified by request-URI |
| PUT | Uploads its latest content to the specified resource location |
| DELETE | Requests the server to remove the resource identified by request-URI |
| TRACE | The requesting server sends back the received request information, mainly for testing or diagnostics |
| OPTIONS | This method causes the server to return all HTTP request methods supported by the resource. You can test whether the server functions properly by sending an OPTIONS request to the Web server |
| CONNECT | Reserved for future use |
Request-uri Specifies the unified resource ID. For example, www.baidu.com/ http-version Indicates the HTTP Version. Example: HTTP/1.1 CRLF carriage return line feed. Example: a/r/n
1.2, the request header
Request – the header, for example:
mob-token: iammobtokeniammobtokeniammobtoken User-Agent: Demo_Android Cookie: Client_i = android# v1.0.0 # deviceid# android6.0.1; [email protected]; client_urstoken=iamtokeniamtokeniamtoken Connection: Keep-Alive Host: demo.comCopy the codeRequest-header Keywords are described in the following table:
| request-header | Meaning that | For example, |
|---|---|---|
| User-Agent | User-agent contains the information about the User that sends the request | The user-agent: Mozilla / 5.0 (Linux; X11) |
| Host | Specifies the domain name and port number of the requested server | Host: www.zcmhi.com |
| Cookie | When an HTTP request is sent, all cookie values stored under the domain name of the request are sent to the Web server. | Cookie: $Version=1; Skin=new; |
| Content-Length | The content length of the request | Content-Length: 348 |
| Content-Type | MIME information that corresponds to the entity being requested | Content-Type: application/x-www-form-urlencoded |
| Accept | Specifies the type of content that the client can receive | Accept: text/plain, text/html |
| Accept-Charset | A set of character encodings acceptable to the browser. | Accept-Charset: iso-8859-5 |
| Accept-Encoding | Specifies the type of web server content compression encoding that the browser can support. | Accept-Encoding: compress, gzip |
| Accept-Language | Browser acceptable language | Accept-Language: en,zh |
| Accept-Ranges | You can request one or more subscope fields of a web page entity | Accept-Ranges: bytes |
| Authorization | HTTP authorization certificate | Authorization: BasicQWxhZGRpbjpvcGVuIHNlc2FtZQ== |
| Connection | Indicates whether a persistent connection is required. (HTTP 1.1 makes persistent connections by default) | Connection: close |
| Date | The date and time the request was sent | Date: Tue, 15 Nov 2010 08:12:31 GMT |
| From | Email address of the user who made the request | From: [email protected] |
| Expect | The specific server behavior requested | Expect: 100-continue |
| Cache-Control | Specify the caching mechanism that requests and responses follow | Cache-Control: no-cache |
| If-Match | This is valid only if the request content matches the entity | If – the Match: “737060 cd8c284d8af7ad3082f209582d” |
| If-Modified-Since | If the part of the request is modified after the specified time, the request succeeds; if it is not modified, the 304 code is returned | If-Modified-Since: Sat, 29 Oct 2010 19:43:31 GMT |
| If-None-Match | If the content has not changed, the 304 code is returned with the Etag sent by the server. The Etag is compared with the Etag returned by the server to determine whether it has changed | If None – Match: “737060 cd8c284d8af7ad3082f209582d” |
| If-Range | If the entity has not changed, the server sends the missing part of the client, otherwise sends the whole entity. The parameter is also Etag | If – Range: “737060 cd8c284d8af7ad3082f209582d” |
| If-Unmodified-Since | The request succeeds only if the entity has not been modified after the specified time | If-Unmodified-Since: Sat, 29 Oct 2010 19:43:31 GMT |
| Max-Forwards | Limit the amount of time messages can be sent through proxies and gateways | Max-Forwards: 10 |
| Pragma | Used to contain implementation-specific instructions | Pragma: no-cache |
| Proxy-Authorization | Certificate of authorization to connect to the agent | Proxy-Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ== |
| Range | Only a portion of the entity is requested, specifying scope | Range: bytes=500-999 |
| Referer | The address of the previous web page, followed by the current requested web page, is the incoming path | Referer: www.zcmhi.com/archives/71… |
| TE | The client is willing to accept the transmission code and notifies the server to accept the end plus header message | TE: trailers,deflate; Q = 0.5 |
| Upgrade | Specify some transport protocol to the server for the server to convert (if supported) | Upgrade: HTTP/2.0, SHTTP/1.3, IRC/6.9, RTA/ X11 |
| Via | Notification intermediate gateway or proxy server address, communication protocol | Via: 1.0 fred, 1.1 nowhere.com (Apache/1.1) |
| Warning | Warning information about message entities | Warn: 199 Miscellaneous warning |
HTTP response
After the server processes the client request, it returns an HTTP response message. Similar to the HTTP request, the HTTP response is composed of three parts, namely, the status line, response-header, and Response-body.
2.1. Status lines
Status line format: http-version status-code reason-phrase CRLF Status line example: HTTP/1.1 200 OK /r/n
Status-code Status Code: the Status Code consists of three digits, indicating whether the request is understood or fulfilled. The first number of the status code defines the category of the response; the next two numbers have no specific classification.
There are five possible values for the first number:
| Status code | meaning |
|---|---|
| 1xx: | Indication message – Indicates that the request has been received and processing continues |
| 2xx | Success – Indicates that the request has been successfully received, understood, and accepted |
| 3xx | Redirect – Further action must be taken to complete the request |
| 4xx | Client error – The request has a syntax error or the request cannot be implemented |
| 5xx | Server side error – The server failed to fulfill a valid request |
Examples of status codes:
| Status Code Example | State description | Details description |
|---|---|---|
| 200 | OK | The client request succeeded. Procedure |
| 400 | Bad Request | The client request cannot be understood by the server because of a syntax error. |
| 401 | Unauthonzed | Unauthorized request. This status code must be used with the WWW-Authenticate header field |
| 403 | Forbidden | The server received the request but refused service. The server usually gives the reason for not providing the service in the response body |
| 404 | Not Found | The requested resource does not exist, for example, an incorrect URL was entered |
| 500 | Internal Server Error | An unexpected error occurred on the server that prevented the client from completing the request |
| 503 | Service Unavailable | The server is currently unable to process client requests and may return to normal after some time |
2.2, the response headers
The response – the header, for example:
Server: xiaxl
Date: Thu, 29 Aug 2019 06:10:55 GMT
Content-Type: application/json; charset=UTF-8Transfer-Encoding: chunked
Connection: keep-alive
vary: Accept-Encoding
Set-Cookie: XIAXL=xiaxl; Domain=demo.com; Path=/
Copy the codeResponse-header keywords are described in the following table:
| response-header | explain | The sample |
|---|---|---|
| Content-Encoding | The type of returned content compression encoding supported by the Web server. | Content-Encoding: gzip |
| Content-Language | The language of the response body | Content-Language: en,zh |
| Content-Length | The length of the response body | Content-Length: 348 |
| Content-Location | Request an alternate address for alternate resources | Content-Location: /index.htm |
| Content-MD5 | Returns the MD5 check value of the resource | Content-MD5: Q2hlY2sgSW50ZWdyaXR5IQ== |
| Content-Range | The byte position of this part in the entire return body | Content-Range: bytes 21010-47021/47022 |
| Content-Type | Returns the MIME type of the content | Content-Type: text/html; charset=utf-8 |
| Accept-Ranges | Indicates whether the server supports scoped requests and what type of segmented requests | Accept-Ranges: bytes |
| Age | Estimated time from the original server to proxy cache formation (in seconds, non-negative) | Age: 12 |
| Allow | A valid request for a network resource. If not allowed, 405 is returned | Allow: GET, HEAD |
| Date | The time when the original server message was sent | Date: Tue, 15 Nov 2010 08:12:31 GMT |
| Cache-Control | Tell all caching mechanisms whether they can cache and what type | Cache-Control: no-cache |
| ETag | The current value of the entity label of the request variable | ETag: “737060 cd8c284d8af7ad3082f209582d” |
| Expires | The expiration date and time of the response | Expires: Thu, 01 Dec 2010 16:00:00 GMT |
| Last-Modified | The last modification time of the requested resource | Last-Modified: Tue, 15 Nov 2010 12:45:26 GMT |
| Location | Used to redirect the recipient to the location of the non-requested URL to complete the request or to identify a new resource | Location: www.zcmhi.com/archives/94… |
| Pragma | This includes implementing specific instructions that can be applied to any recipient on the response chain | Pragma: no-cache |
| Proxy-Authenticate | It indicates the authentication scheme and the parameters that can be applied to the URL of the broker | Proxy-Authenticate: Basic |
| refresh | Applied to redirects or a new resource is created, redirects after 5 seconds (proposed by Netscape and supported by most browsers) | Refresh: 5; url=http://www.zcmhi.com/archives/94.html |
| Retry-After | If the entity is temporarily unavailable, notify the client to try again after the specified time | Retry-After: 120 |
| Server | Name of the Web server software | Server: Apache / 1.3.27 (Unix) (Red Hat/Linux) |
| Set-Cookie | Set the Http cookies | Set-Cookie: UserID=JohnDoe; Max-Age=3600; Version=1 |
| Trailer | Indicates that the header field exists at the end of the block transfer code | Trailer: Max-Forwards |
| Transfer-Encoding | File transfer coding | Transfer-Encoding:chunked |
| vary | Tell the downstream proxy whether to use a cached response or request from the original server | Vary: * |
| Via | Tell the proxy client where the response is sent | Via: 1.0 fred, 1.1 nowhere.com (Apache/1.1) |
| Warning | Alerts entities to possible problems | Warning: 199 Miscellaneous warning |
| WWW-Authenticate | Indicates the authorization scheme that the client requesting entity should use | WWW-Authenticate: Basic |
Examples of HTTP
Here are two examples:
- An Http GET request and response;
- An Http POST request and response;
3.1 examples of Http GET
HTTP GET packet capture data is as follows:
GET /demo/getData.do? DeviceId = 123 & userId = xiaxl HTTP / 1.1 / line/request mob - token: iammobtokeniammobtokeniammobtoken / / request - the header the user-agent: Demo_Android cookies: client_i = android# v1.0.0 # deviceid# android6.0.1; [email protected]; client_urstoken=iamtokeniamtokeniamtoken Connection: Keep-Alive Host: demo.comCopy the codeHTTP GET packet capture data is as follows:
HTTP / 1.1200OK // Response status lineServer: xiaxl // response-header
Date: Thu, 29 Aug 2019 06:10:55 GMT
Content-Type:application/json; charset=UTF- 8 -
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: XIAXL=xiaxl; Domain=demo.com; Path=/
{"code":200} // response-body
Copy the code3.2. Example of Http POST
The packet capture data in the Http POST request is as follows:
POST /demo/postData.do? Sign = HTTP / 1.1 / ABC/request line mob - token: iammobtokeniammobtokeniammobtoken / / request - the header the user-agent: Demo_Android cookies: client_i = android# v1.0.0 # deviceid# android6.0.1; [email protected]; client_urstoken=iamtokeniamtokeniamtoken Content-Length: 371 Content-Type: application/x-www-form-urlencoded; charset=utf-8 Connection: Keep-Alive Host: demo.com [{"deviceId":"123","userId":"xiaxl"}] // request-bodyCopy the codeHTTP POST packet capture data is as follows:
HTTP / 1.1200OK // Response status lineServer: xiaxueliang // response-header
Date: Thu, 29 Aug 2019 06:09:41 GMT
Content-Type:application/json; charset=UTF- 8 -
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: XIAXL=xiaxl; Domain=demo.com; Path=/
{"code":200} // response-body
Copy the code3.3. Upload Http Post files
Http POST file upload request. Packet capture data is as follows:
POST/demo/photoUpload. Do HTTP / 1.1 / line/request mob - token: iammobtokeniammobtokeniammobtoken / / request - the header the user-agent: Demo_Android cookies: client_i = android# v1.0.0 # deviceid# android6.0.1; [email protected]; client_urstoken=iamtokeniamtokeniamtoken Content-Length: 12345 Content-Type: multipart/form-data; Boundary = F9817FCB-6AD7-4445-9F7B-2AB30578C4AC Connection: keep-alive Host: demo.com // body File data omitted... // request-bodyCopy the codeThe Http POST file is uploaded, and the packet capture data is as follows:
HTTP / 1.1200OK // Response status lineServer: xiaxl // response-header
Date: Thu, 29 Aug 2019 06:10:55 GMT
Content-Type:application/json; charset=UTF- 8 -
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: XIAXL=xiaxl; Domain=demo.com; Path=/
{"code":200} // response-body
Copy the code4. The Reponse Header of some well-known websites contains the client IP address
The Reponse headers of some well-known websites contain client IP addresses
Look at its Response Header data
Five, reference:
Wikipedia: Hypertext Transfer Protocol zh.wikipedia.org/wiki/ Hypertext Transfer Protocol…
HTTP requests and MIME introduce www.cnblogs.com/Dev0ps/p/80…
The HTTP headers, rounding kb.cnblogs.com/page/92320/
========== THE END ==========
