Preface: the following are their own summary, more or less there will be mistakes, if there are mistakes, I hope to point out

1.HTTP

HTTP: HyperText Transfer Protocol (HTTP) is the most widely used network Protocol on the Internet. The transmission is

2. HTTP message:

  • Request header: Common header fields: juejin.cn/post/684490…
  • The request line
  • A blank line
  • Request body

HTTP request method

  • GET: Usually used to obtain resources
  • POST: data is submitted, that is, uploaded
  • PUT: Modifies data
  • OPTIONS: Lists the request methods that can be applied to resources for cross-domain requests

GET and POST

  • The transport is different. A GET request sends the request packet at once, whereas a POST is split into two TCP packets, with the header part first and the body part if the server responds with 100(continue). (Except for Firefox, where POST requests only send a TCP packet)
  • The security is different: The data of POST is in the request body, so it has a certain security guarantee, while the data of GET is in the URL. Through the history record, the cache can easily find the data information.
  • Different from caching, GET requests are actively cached by the browser, leaving a history, while POST requests are not cached by default.
  • Different data types: GET allows only ASCII characters, while POST does not
  • Features are different: GET is secure and idempotent, while POST is non-secure and idempotent

The HTTP status code

1)200: indicates that the request is successful. The request sent from the client is normally processed by the server

2)301: A permanent redirect, the requested resource has been assigned a new URI, and should use the URI the resource now refers to

3)302: Temporary redirection. The requested resource is temporarily assigned a new URI, and the user is expected to use the new URI to access it

4)304: The server has executed the request, but the resource has not changed

5)400: The server cannot understand the request due to invalid syntax

6)401: Sent request not fulfilled due to lack of authentication credentials for target resource requirements.

7)403: The server understands the request, but refuses to execute it.

404: The requested resource was not found on the server

9)500: An error occurred while the server was executing the request and the request could not be completed

Advantages of HTTP:

  • Stateless: Stateless means that packets are sent, transmitted, and received independently of each other.
  • Connectionless: Connectionless means that neither of the communicating parties maintains any information of the other party for long.
  • Flexibility: mainly reflected in two aspects. One is semantically free, specifying only basic formats, such as separating words with Spaces and separating fields with newlines, while other parts have no strict syntactic restrictions. Another is the variety of transmission forms, not only can transmit text, but also can transmit pictures, videos and other arbitrary data, very convenient.

Disadvantages of HTTP:

  • stateless
  • Clear transmission
  • Queue header blocking problem: When HTTP is enabled for a long connection, a shared TCP connection can process only one request at a time. If the current request takes too long, other requests can only be blocked. This is discussed in the following section.

https

Is a security-oriented Http channel, the secure version of Http. It also adds a layer of SSL

SSL: Handshake process

The difference between HTTP and HTTPS

  • 1. For HTTPS, you need to apply for a certificate from a CA, which costs a lot
  • 2. HTTP is a hypertext transmission protocol, and information is transmitted in plain text. HTTPS is a secure SSL encryption transmission protocol
  • 3. HTTP and HTTPS use completely different connections and use different ports, the former 80 and the latter 443.
  • HTTP connections are simple and stateless. Https is a network protocol that uses SSL and Http to encrypt transmission and authenticate identity. It is more secure than Http

HTTP2.0 upgrade

  • Header compression: In HTTP/1.1 and prior eras, the request body typically had a response compression Encoding process, specified by the Content-Encoding header field, but have you ever thought about compression of the header field itself? When the request fields are very complex, especially for GET requests, the request messages are almost all request headers, there is still a lot of room for optimization.
  • Multiplexing: We discussed HTTP queue header blocking earlier. The root cause of this problem is HTTP’s request-response model. In the same TCP long connection, previous requests are not responded to, and subsequent requests are blocked. HTTP/2 addresses header blocking from the HTTP protocol itself. Note that this is not TCP queue header blocking, but HTTP queue header blocking, which is not the same thing. TCP queue header blocking is at the packet level. If the previous packet is not received, subsequent packets will not be uploaded to HTTP. HTTP queue header blocking is at the HTTP request-response level, subsequent requests will be blocked before the previous request is processed. They are at different levels.
  • Binary frame splitting: HTTP/2 believes that plaintext transmission is too troublesome for the machine and not convenient for the computer to parse, because for the text will have polysemous characters, such as whether carriage return newline is content or delimiter, in internal need to use the state machine to identify, low efficiency. So HTTP/2 simply changed all the packets into binary format, all transmission 01 string, convenient machine parsing.
  • Server Push: A special mention is made of HTTP/2 Server Push. In HTTP/2, the server is no longer completely passive to receive and respond to requests. It can also create a stream to send messages to the client. When a TCP connection is established, for example, the browser requests an HTML file, the server can return the HTML, Other resource files referenced in the HTML are returned to the client, reducing the client’s wait.