Preface

As front-end developers, a deep understanding of HTTP communication lets us quickly locate problems in our daily development work. I therefore highly recommend reading Illustrated HTTP and HTTP: The Definitive Guide. The Definitive Guide is very detailed and comprehensive, but its thickness also scares many people away. I recommend starting with Illustrated HTTP. Although it is not as detailed as the Definitive Guide, it covers much of the knowledge we need for daily development. Understanding it lets us get twice the result with half the effort.

Illustrated HTTP is a comprehensive and systematic introduction to the HTTP protocol, the backbone of the Internet. The author starts from the history of HTTP, carefully analyzes the structure of the protocol, lists many common communication scenarios and practical cases, and finally extends to Web security, the latest technology trends, and other topics. Through the book’s many vivid illustrations of communication, we can better understand the interaction between client and server during HTTP communication. I gained a lot from reading this book and recorded it as mind maps to make later review easier. If you haven’t read it yet, treat these notes as a preview, and you’ll get something out of them. (The mind map may be a little small, so open it for a closer look.)

Understand the HTTP protocol for accessing the Web

This chapter introduces the basics of the Web and network protocols. HTTP communication is divided into four layers: the application layer, transport layer, network layer, and link layer. Each layer only needs to handle the task assigned to it and does not need to understand the details of the whole protocol chain. The application layer is the one we can see directly; HTTP and FTP sit at this layer. Below it is the transport layer, where TCP/IP works (the "IP" we usually talk about is an IP address, which is different from the IP here), and below that is the network layer. Once the transport layer has established a connection, the network layer is responsible for transferring data packets (the smallest unit of network transmission). Finally, there is the link layer, the part that connects network hardware, for example network cards and optical fibers. In a complete data transmission, the client processes the data in the order application layer, transport layer, network layer, link layer, and each layer adds a header; on receipt, the server removes the headers in the order link layer, network layer, transport layer, application layer.

TCP adopts the three-way handshake strategy. TCP splits large data into packets for easier transmission, and IP is responsible for delivering them. The ARP protocol is used to look up the address of the next router.

Users tend to access domain names instead of IP addresses. To resolve domain names into corresponding IP addresses, the DNS domain name resolution service is required.

Simple HTTP protocol

In daily development, we are unaware of the underlying implementation of the HTTP protocol. In the HTTP we know, a request is always initiated by the client and received by the server. The parts of a request we care about are usually the URI, protocol version, header fields, and entity body. The response information we use most often is the response status and the response content.

We use different HTTP methods to perform different operations: GET to fetch resources, POST to transfer an entity body, PUT to transfer files, DELETE to delete files, OPTIONS to ask which methods are supported (often used in cross-origin scenarios), TRACE to trace the access path, and CONNECT to connect to a proxy using a tunneling protocol.

HTTP is a stateless protocol that does not record the state of the previous access, so when we build common features such as login we have to manage state through cookies.

HTTP information in HTTP messages

By setting header fields, we can fetch part of the content with a range request (after a resource request is interrupted, there is no need to restart it from the beginning) and encode the transmitted content, which improves loading efficiency.

Sometimes different scenarios require different content, such as a page that can switch between Chinese and English. In the HTTP request, we set the Accept family of request header fields so that the most appropriate content is returned; this is content negotiation. The negotiation modes are server-driven negotiation, client-driven negotiation, and transparent negotiation.
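The Chinese/English switch described above, worked through as server-driven negotiation on the Accept-Language header. This is an added example, not code from the book or the original notes; the function names and sample header values are constructed, and matching is simplified to exact and primary-tag comparison.

```javascript
// Added example: server-driven negotiation on Accept-Language.
// Function names and sample header values are constructed for illustration.

// Parse e.g. "zh-CN,zh;q=0.9,en;q=0.8" into [{tag, q, index}], best first.
function parseAcceptLanguage(header) {
  const entries = [];
  String(header || '').split(',').forEach((part, index) => {
    const [rawTag, ...params] = part.split(';');
    const tag = rawTag.trim().toLowerCase();
    // Drop anything that is not a plain language tag or "*".
    if (!/^(\*|[a-z]{1,8}(-[a-z0-9]{1,8})*)$/.test(tag)) return;
    let q = 1; // a missing q parameter means q=1
    for (const p of params) {
      const m = /^\s*q\s*=\s*(0(\.\d{0,3})?|1(\.0{0,3})?)\s*$/i.exec(p);
      if (m) q = Number(m[1]);
    }
    if (q > 0) entries.push({ tag, q, index }); // q=0 means "not acceptable"
  });
  // Highest q first; ties keep the order the client sent.
  return entries.sort((a, b) => b.q - a.q || a.index - b.index);
}

// Return one entry of `supported` (the server's allow-list) or `fallback`.
// The client-controlled header is only compared against the allow-list;
// it is never echoed back or used to build a file path.
function negotiateLanguage(header, supported, fallback) {
  const byLower = new Map(supported.map((s) => [s.toLowerCase(), s]));
  for (const { tag } of parseAcceptLanguage(header)) {
    if (tag === '*') return supported[0];
    if (byLower.has(tag)) return byLower.get(tag);
    const primary = tag.split('-')[0]; // "zh-cn" -> "zh"
    for (const [lower, original] of byLower) {
      if (lower === primary || lower.startsWith(primary + '-')) return original;
    }
  }
  return fallback;
}

console.log(negotiateLanguage('zh-CN,zh;q=0.9,en;q=0.8', ['en', 'zh'], 'en'));
```

Because the result is always drawn from the server's own list, a malformed or hostile header value can only ever select the fallback.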

HTTP status codes that return the result

In HTTP communication, the client is informed of the outcome of the request through the status code. Status codes can be roughly divided into five categories: 1xx indicates that the received request is being processed, 2xx indicates that the request is properly processed, 3xx indicates that additional operations need to be performed to complete the request, 4xx indicates that the client cannot process the request, and 5xx indicates that the server fails to process the request.

Across these five categories there are a dozen or so commonly used status codes that we need to focus on mastering; see the 👆 mind map for a detailed introduction.

A Web server that works with HTTP

Using virtual hosts, you can deploy sites with multiple domain names on a single host. In practical communication, we often use proxies, gateways, and tunnels to assist with request forwarding and secure communication.

To improve site performance, we use caching to speed up requests to the site, usually through proxy server caching and client caching. It is important to note that caches have an expiration date and that the cached content needs to be updated as the site content is updated.

HTTP headers

In the request, the HTTP message consists of the request method, URI, HTTP version, HTTP header fields, and other parts. In the response, the HTTP message consists of the HTTP version, status code, and HTTP header fields. Header information is particularly important: by setting header fields we can pass information about the request, such as cache control, the message creation time, whether the content is compression-encoded, whether cross-origin access is supported, and so on.

HTTPS to ensure Web security

What is authentication

Protocols that add features on top of HTTP

SPDY operates as a new session layer between the application layer and the transport layer of TCP/IP. SPDY extends the functions of the HTTP protocol with multiplexed streams, request prioritization, HTTP header compression, server push, and server hints.

With WebSocket full-duplex communication, both client and server can actively send information to each other once a connection is established. Compared with HTTP, it avoids the overhead of establishing a connection each time and reduces the header information sent.

HTTP/2.0 improves the speed experience when using the Web.

Techniques for building Web content

The three musketeers of Web application development are HTML, CSS, and JavaScript. The book is too old to mention popular front-end frameworks such as Vue and React, or Web build tooling. XML and JSON are the data publishing languages; of the two, JSON is more commonly used, and daily development is inseparable from it.

Web attack techniques

The common attacks are cross-site scripting, SQL injection, and HTTP header injection. The effects of these attacks can be seen in the 👆 mind map. In general, the plain HTTP protocol itself does not have security problems, and the protocol itself does not become the target of attack. Hackers usually take advantage of security vulnerabilities caused by design and configuration flaws, careless session management, and so on.
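To make the HTTP header injection case concrete from the defender's side, the following added example (not code from the book or the original notes) serializes a response head naively and then with validation of header names and values. The function names and the tainted sample value are constructed for illustration.

```javascript
// Added example: a header value containing CR/LF changes the header list
// a receiver sees, and a validating serializer refuses it.
// All names and the sample value are constructed for illustration.

// Naive: header values are concatenated into the head as-is.
function buildHeadNaive(statusLine, headers) {
  const lines = [`HTTP/1.1 ${statusLine}`];
  for (const [name, value] of Object.entries(headers)) {
    lines.push(`${name}: ${value}`);
  }
  return lines.join('\r\n') + '\r\n\r\n';
}

// The header names a receiver would parse out of a serialized head.
function headerNames(head) {
  return head.split('\r\n\r\n')[0].split('\r\n').slice(1)
    .map((line) => line.split(':')[0].toLowerCase());
}

const TOKEN = /^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$/; // legal header-name characters
const FORBIDDEN_IN_VALUE = /[\r\n\0]/;           // line breaks and NUL

// Hardened: reject bad names and any value containing CR, LF or NUL.
function buildHeadSafe(statusLine, headers) {
  for (const [name, value] of Object.entries(headers)) {
    if (!TOKEN.test(name)) {
      throw new TypeError(`invalid header name: ${JSON.stringify(name)}`);
    }
    if (FORBIDDEN_IN_VALUE.test(String(value))) {
      throw new TypeError(`control character in value of ${name}`);
    }
  }
  return buildHeadNaive(statusLine, headers);
}

// Constructed input: a redirect target copied from a request parameter.
const tainted = '/home\r\nX-Injected: 1';
console.log(headerNames(buildHeadNaive('302 Found', { Location: tainted })));
try {
  buildHeadSafe('302 Found', { Location: tainted });
} catch (err) {
  console.log('rejected:', err.message);
}
```

Node's built-in http module applies a comparable check and throws when a header value contains such characters, so this mainly matters for hand-built responses and for frameworks or proxies that assemble headers themselves.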

😊 Previous reading notes

Now that I’ve finished Illustrated HTTP, let’s read HTTP: The Definitive Guide next time. I’ve set up a repository on GitHub for the original mind maps, so if you don’t think they’re clear, you can download them from GitHub. If you also like to use mind maps to record reading notes, you are welcome to maintain this repository with me. Please leave a message or contact me on WeChat (646321933).

Close reading of JavaScript You Don’t Know (Volume 1)

Close reading of JavaScript You Don’t Know (Volume 2)

Intensive reading of Node.js

JavaScript garbage collection algorithm

Mind map download address

HTTP PDF download address