This is the second day of my participation in Gwen Challenge

Objects used by the HTTP protocol

The first thing to make clear is that HTTP protocol communication explicitly distinguishes between two objects:

  • The client
  • The server

Request and response

Only the client can make a request; the server then processes it and returns a response. In other words, every communication must start from the client, and the server cannot use HTTP to actively send requests to the client.

Here’s an example:

Client sends request:

  • GET: Indicates the type of request made to the server, called the method.
  • /index.html: Specifies the resource to be accessed, also called the URI.
  • HTTP/1.1: The HTTP protocol version number.

Request access to the /index.htm page resource on an HTTP server.

A request message consists of the request method, request URI, protocol version, optional request header fields, and content entities.

Server response:

  • HTTP/1.1: Indicates the HTTP version of the server.
  • 200 OK: The status code and reason phrase for the result of processing the request.
  • Date, Content-Length: These are header fields.
  • The last line is the returned body content.

A response message basically consists of the protocol version, the status code (the numeric code indicating the success or failure of the request), the reason phrase used to explain the status code, optional response header fields, and the entity body.

Stateless protocol

HTTP is a protocol that does not store communication state and does not persist requests or responses. The goal is to be able to process a large number of transactions faster.

HTTP request methods

| Method | Role | Supported HTTP versions |
|---|---|---|
| GET | Access a resource | 1.0, 1.1 |
| POST | Transfer an entity body | 1.0, 1.1 |
| PUT | Transfer a file | 1.0, 1.1 |
| HEAD | Get the message headers | 1.0, 1.1 |
| DELETE | Delete a specified resource | 1.0, 1.1 |
| OPTIONS | Determine which request methods the server supports | 1.1 |
| TRACE | Trace the path of the request; can easily lead to XST (cross-site tracing) attacks | 1.1 |
| CONNECT | Require a tunneling protocol (e.g. SSL, TLS) to connect to a proxy | 1.1 |
| LINK | Establish a relationship with a resource | 1.0 |
| UNLINK | Break the relationship | 1.0 |

Persistent connections

Earlier versions of HTTP did not support persistent connections, so a TCP connection was opened and closed once for every request. This wastes performance, so keep-alive, or the persistent connection, was proposed.

Pipelining

Pipelining can be understood as the ability to issue multiple requests concurrently without waiting for each response in turn. This is also a benefit of persistent connections.

Use cookies for state management

As mentioned earlier, HTTP itself is stateless, which reduces server resource consumption, and this feature is why HTTP is used in so many scenarios. However, statelessness also brings problems, such as the inability to manage a user's login state, so cookies were introduced to manage client state.

  1. After receiving the first request from the client, the server generates a Cookie based on the client information and adds a header field called Set-Cookie to the response message, telling the client to save the Cookie.
  2. After that, every request the client sends carries a Cookie field in the request header, and the server can manage state based on this Cookie.
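
The two steps above, shown over raw request and response messages. This is an added example, not code from the original post: the `SESSIONS` store, the `handle()` and `cookie_from()` helpers and the `sid` cookie name are assumptions chosen for illustration. The server issues an unguessable identifier with the `HttpOnly`, `Secure` and `SameSite` attributes, and it ignores any identifier it did not issue itself.

```python
import secrets
from http.cookies import SimpleCookie

# Hypothetical in-memory store: session id -> state. HTTP itself keeps none.
SESSIONS = {}


def parse_request(raw):
    """Split a raw request into method, URI, version and header fields."""
    head, _, _body = raw.partition("\r\n\r\n")
    request_line, *header_lines = head.split("\r\n")
    method, uri, version = request_line.split(" ", 2)
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, uri, version, headers


def handle(raw):
    """Server side: send Set-Cookie on first contact, count visits afterwards."""
    *_, headers = parse_request(raw)
    jar = SimpleCookie(headers.get("cookie", ""))
    sid = jar["sid"].value if "sid" in jar else None
    extra = ""
    if sid not in SESSIONS:  # no cookie yet, or an id this server never issued
        sid = secrets.token_urlsafe(32)  # unguessable session identifier
        SESSIONS[sid] = {"visits": 0}
        out = SimpleCookie()
        out["sid"] = sid
        out["sid"]["httponly"] = True   # not readable from page scripts
        out["sid"]["secure"] = True     # only sent over HTTPS
        out["sid"]["samesite"] = "Lax"  # limits cross-site sending
        out["sid"]["path"] = "/"
        extra = out.output(header="Set-Cookie:") + "\r\n"
    SESSIONS[sid]["visits"] += 1
    body = f"visits={SESSIONS[sid]['visits']}"
    return (f"HTTP/1.1 200 OK\r\nContent-Length: {len(body)}\r\n"
            f"{extra}\r\n{body}")


def cookie_from(response):
    """Client side: return the name=value pair from Set-Cookie, if present."""
    for line in response.split("\r\n\r\n")[0].split("\r\n")[1:]:
        name, _, value = line.partition(":")
        if name.lower() == "set-cookie":
            return value.strip().split(";")[0]
    return None
```
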