This is the second day of my participation in Gwen Challenge
Objects used by the HTTP protocol
The first thing to make clear is that HTTP communication explicitly distinguishes between two objects:
- The client
- The server
Request and response
Requests can only be made by the client; the server then processes the request and returns a response. That is, every communication must start from the client, and the server cannot use HTTP to actively send requests to the client.
Here's an example:
The client sends a request:
- GET: Indicates the type of request made to the server, called the method.
- /index.html: Specifies the resource to be accessed, also called the URI.
- HTTP/1.1: The HTTP protocol version number.
This requests access to the /index.html page resource on an HTTP server.
A request message consists of the request method, request URI, protocol version, optional request header fields, and content entities.
The server responds:
- HTTP/1.1: Indicates the HTTP version used by the server.
- 200 OK: The status code and reason phrase for the processing result.
- Date, Content-Length: These are header fields.
- The last line is the returned body content.
The response message basically consists of the protocol version, the status code (the numeric code indicating the success or failure of the request), the reason phrase used to explain the status code, the optional response header field, and the entity body.
Stateless protocol
HTTP is a protocol that does not store communication state and does not persist requests or responses. The goal is to be able to process a large number of transactions faster.
HTTP request method
Method | Role | Supported HTTP version |
---|---|---|
GET | Access resources | 1.0, 1.1 |
POST | Transport entities | 1.0, 1.1 |
PUT | Transfer files | 1.0, 1.1 |
HEAD | Get message headers | 1.0, 1.1 |
DELETE | Delete a specified resource | 1.0, 1.1 |
OPTIONS | Determine which request methods the server supports | 1.1 |
TRACE | Trace the path, that is, the path of the request. Can easily lead to XST attacks | 1.1 |
CONNECT | Requires a tunneling protocol (e.g. SSL, TLS) to connect to a proxy | 1.1 |
LINK | Establish relationships with resources | 1.0 |
UNLINK | Break the relationship | 1.0 |
Persistent connections
In earlier versions of HTTP, persistent connections were not supported, meaning that a TCP connection was opened and closed once per request. This wastes performance, so keep-alive, or persistent connection, was proposed.
Pipelining
Pipelining can be understood as the ability for multiple requests to be sent concurrently, without having to wait synchronously for each response. This is also a benefit of persistent connections.
Use cookies for state management
We mentioned earlier that HTTP itself is stateless, which can reduce server resource consumption, and HTTP is used in various scenarios because of this feature. However, statelessness also brings a problem, such as the inability to manage the user login state, so cookies are introduced to control the state of the client.
- After receiving the first request from the client, the server generates a Cookie based on the client information and adds a Set-Cookie header field to the response message to tell the client to save the Cookie.
- After that, each time the client sends a request, the request header contains a Cookie field, and the server can manage state based on this Cookie.
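The two steps above, as an added example that is not code from the original post: a server that issues a random session id through Set-Cookie on the first request and recovers state from the Cookie header afterwards. The cookie name sid, the in-memory SESSIONS store and the HttpOnly/Secure/SameSite attributes are assumptions chosen for the example.

```python
import secrets
from http.cookies import SimpleCookie

SESSIONS = {}  # server-side state: session id -> dict (in-memory for the example)

def handle_request(request_headers):
    """Server side: return (response_headers, state) for one request."""
    jar = SimpleCookie(request_headers.get("Cookie", ""))
    sid = jar["sid"].value if "sid" in jar else None
    response_headers = {}
    if sid not in SESSIONS:
        # First request, or an id the server never issued: never adopt a
        # client-supplied value, always mint a fresh unpredictable one.
        sid = secrets.token_urlsafe(32)
        SESSIONS[sid] = {"visits": 0}
        out = SimpleCookie()
        out["sid"] = sid
        out["sid"]["path"] = "/"
        out["sid"]["httponly"] = True   # not readable from page scripts
        out["sid"]["secure"] = True     # only sent over HTTPS
        out["sid"]["samesite"] = "Lax"  # withheld on most cross-site requests
        response_headers["Set-Cookie"] = out["sid"].OutputString()
    state = SESSIONS[sid]
    state["visits"] += 1
    return response_headers, state

def client_store(response_headers, client_jar):
    """Client side: save any Set-Cookie, return the Cookie header to send next."""
    if "Set-Cookie" in response_headers:
        client_jar.load(response_headers["Set-Cookie"])
    return "; ".join(f"{name}={m.value}" for name, m in client_jar.items())

if __name__ == "__main__":
    jar = SimpleCookie()
    resp, state = handle_request({})                    # 1st request: no Cookie
    print("Set-Cookie:", resp["Set-Cookie"])
    cookie = client_store(resp, jar)
    resp, state = handle_request({"Cookie": cookie})    # 2nd request: Cookie sent
    print("Cookie:", cookie, "->", state)
```

Because the server only trusts ids it generated itself, a request carrying a made-up sid is treated like a first visit and receives a new cookie.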