Reference links:

Juejin. Cn/post / 684490…

1: features of HTTP

  • Stateless: There is no relationship between requests, no transaction memory, and it is resolved through cookies and sessions
  • Multiple HTTP requests: in most cases when the client request page is not a request can be successful, the service side first is the response HTML page, and then the HTML browser response is received after page also references to other resources, for example, CSS, JS files, images, etc., and automatically send HTTP requests the resources you need.
  • Tcp-based: The current version has a default connection:keep-alive, which means that multiple HTTP requests use one TCP connection. Reduce the performance cost of opening or disconnecting TCP connections multiple times

2: indicates HTTP packets

2.1 Request Message

The client sends an HTTP request message to the server in the following format:

Request line, header, blank line and request data are composed of four parts.

Example:

HTTP/1.1 200 OK Date: Tue, 12 Jul 2016 21:36:12 GMT Content-Length: 563 Content-Type: text/ HTML<html>
    <body>
    Hello http!
    </body>
</html>

Copy the code
  • Request line: Specifies the request method, request URL, and protocol version
  • Request header: A field in the form of a key-value pair that displays some of the rule parameters of the request
  • A blank line
  • Request body: The data passed by the request

2.2 Response Message

Like a request message, an HTTP response consists of four parts: a status line, a message header, a blank line, and a response body.

The response body is the data you need to get

3. Request method

  • GET: The GET method is used to obtain server resources
  • POST: The POST method is generally used to transfer entity bodies
  • PUT: The PUT method is used to transfer files
  • DELETE: The DELETE method is used to DELETE files
  • HEAD: The HEAD method is used to obtain the packet HEAD without returning the packet body
  • OPTIONS: The OPTIONS method is used to ask for the method to request URI resource support

The most common methods are GET and POST. The main differences are:

  • GET the data entity for submitting the request is placed after the URL, using? For example: /index.html? name=wang&login=1; The parameters for POST are mostly in the Request body
  • The length of data submitted by GET is limited because the URL length is limited, and the exact length is browser-dependent. POST doesn’t.
  • The data submitted by GET is not secure because the parameters are exposed to the URL.
  • GET is cached, post is not
  • Keep browser history: GET does, POST does not

4. The HTTP header

HTTP header field is one of the most important elements in HTTP packets. Header fields are used in both requests and responses when passing information between the client and server, passing some important meta information. The header field is in the form of key-value pairs. Contains the size, language, and authentication information of the packet. HTTP header fields contain four types:

General Header Fields

Represents the field used by both request and response packets

Request Header Fields

Is the header field used by the client when sending a request to the server. Contains information about the additional content of the request, client information, and priority of the response content.

Response Header Fields

Is the header field used by the server to return the response to the client, containing the additional content of the response and possibly requiring the client to attach additional content information.

Entity Header Fields

  Is the header used for the entity part of the request message and response message. Contains entity-specific information such as when the resource content was updated.Common types of content-type:

  • application/x-www-form-urlencoded

    The most common way to submit data is by POST, native Form Form. If the encType attribute is not set, the default is Application/X-www-form-urlencoded. The data is encoded as key-value pairs separated by ‘&’, with ‘=’ separating key and value. Non-alphabetic or numeric characters are percent-encoding: this is why binary data is not supported for this type (multipart/form-data should be used instead).

  • multipart/form-data

    Generally used for form submission involving files,

  • application/json

    Used to tell the server that the message body is a serialized JSON string, one of the benefits is that the JSON format supports structured data that is much more complex than key-value pairs.

    With the popularity of JSON as a lightweight data interaction format, especially the convenience of script interaction, more and more people use JSON format in front and back interfaces.

5. Response status code

2 xx success

200 OK: indicates that the request sent from the client is correctly processed on the server. 204 No Content: indicates that the request is successful, but the response packet does not contain the body part of the entity

3 xx redirection

301 Moved permanently, permanently redirects: indicates that the resource has been assigned a new URL

302 Found, temporary redirection, indicating that the resource was temporarily assigned a new URL

303 See Other: indicates that another URL exists for the resource. Use GET to obtain the resource

304 Not Modified: indicates that the server allows access to the resource but the request condition is not met

307 Temporary redirect Is the same as 302

4XX Client error

400 Bad Request: Syntax errors exist in the request packet

401 Unauthorized: The request to be sent requires authentication information that is authenticated through HTTP

403 Forbidden: Access to requested resources is denied by the server

404 not found: No requested resource was found on the server

405 Method Not Allowed: Methods in the client request are prohibited

5XX Server error

500 Internal sever error: an error occurred when the server executed the request

503 Service Unavailable: The server is temporarily overloaded or is being stopped for maintenance and cannot process requests

504: Getaway Timeout. The gateway times out while the proxy server waits for the response from the application server

6. HTTPS:

The main differences between HTTPS and HTTP are as follows:

  • For HTTPS, you need to apply for a certificate from a CERTIFICATE authority (CA). Generally, a few free certificates need to be paid.

  • HTTP runs on TOP of TCP, and all transmitted content is in plain text. HTTPS runs on top of SSL/TLS, and SSL/TLS runs on top of TCP, and all transmitted content is encrypted.

  • HTTP and HTTPS use completely different connections and use different ports, the former 80 and the latter 443.

  • HTTP connections are simple and stateless; HTTPS is a network protocol that uses HTTP+SSL to encrypt transmission and authenticate identities. It effectively prevents hijackings by carriers and solves a major problem in preventing hijackings. It is more secure than HTTP.

If HTTPS is so secure why not use HTTPS all the time?

  • Encrypted communication consumes more CPU and memory resources
  • There is an overhead cost to purchasing a certificate

7. HTTP2.0

HTTP 2.0 has greatly improved web performance compared to HTTP 1.x

1. Multiplexing

Multiplexing allows multiple request-response messages to be sent simultaneously over a single HTTP2.0 connection, whereas in HTTP1.0 the browser client had a limited number of requests for the same domain name at the same time. HTTP2.0 can easily implement multi-stream parallelism without relying on establishing multiple TCP connections. HTTP2.0 reduces the basic unit of HTTP communication to frames that correspond to messages in a logical flow. Messages are exchanged bidirectionally over the same TCP connection in parallel.

2. Binary frame division

HTTP2.0 adds a binary framing layer between the application layer (HTTP2.0) and the transport layer (TCP/UDP). In the binary framing layer, HTTP2.0 splits all information into smaller messages and frames and encodes them in binary format over a single connection. This connection can host any number of two-way data streams. In the past, the key to HTTP performance optimization was not high bandwidth, but low latency. TCP connections “tune” themselves over time, limiting the maximum speed of the connection at first and increasing the speed of the transfer over time if the data is successfully transferred. This tuning is called TCP slow start. For this reason, HTTP connections that are inherently abrupt and short become very inefficient. HTTP/2 enables more efficient use of TCP connections by having all data flows share the same connection, allowing high bandwidth to truly serve HTTP’s performance gains.

3. Front compression

HTTP/1.1 does not support HTTP header compression, which is why SPDY uses the generic DEFLATE algorithm and HTTP/2 uses the HPACK algorithm designed specifically for header compression.

4. Server push

Server push is a mechanism for sending data before the client requests it. In HTTP/2, the server can send multiple responses to a single request from the client. Server push makes http1.x era optimizations using embedded resources meaningless; If a request is made from your home page, the server will probably respond with the home page content, logo, and style sheet because it knows the client will use those things. This is like having all the resources in one HTML document, but compared to that, server push has another big advantage: it can be cached! It also makes it possible to share cached resources between different pages while following homology.

8. What happens after you enter the url

  1. DNS domain name resolution;
  2. Establish a TCP connection.
  3. Send an HTTP request;
  4. The server handles requests;
  5. Return the response result;
  6. Disable the TCP connection.
  7. Browsers parse HTML;
  8. Browser layout rendering;