Original article: Fanmengyuan

HTTP is an application layer protocol based on TCP/IP, which is a basic protocol of the modern Internet. Specifies the communication format between the client and the server and the service port 80(443 for HTTPS) used.

version

HTTP protocol has gone through four versions since its inception:

HTTP 0.9 -> HTTP 1.0 -> HTTP 1.1 -> HTTP 2
Copy the code

The HTTP 0.9

HTTP 0.9 is one of the oldest versions

  • Only supportGETRequest mode: Since no other request mode is supported, the client cannot send much information to the server
  • There is no concept of request headers: you cannot specify a version number in a request, and the server only has the ability to return HTML strings
  • After the server responds, the TCP connection is closed immediately

The HTTP 1.0

With the release of HTTP 1.0, this version:

  • New request modes include POST, DELETE, PUT, and HEADER
  • Added the concept of request headers and response headers, specifying HTTP protocol version numbers in communication, and other meta information (such as: status code, permissions, cache, content encoding)
  • Expanded the transmission format, pictures, audio and video resources, binary and so on can be transmitted

In this release, the request and response meta-information has been extended, so that clients and servers have more access to all the information about the current request, so that they can better and faster process the request-related content.

Request header

Header information for a simple request

GET/HTTP/1.0 user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) Accept: */*Copy the code

You can see that after the request method there is the location of the requested resource + the request protocol version, followed by some client configuration information

Response headers

Header information for a simple response (V1.0)

HTTP/1.0 200 OK Content-Type: text/plain Content-Length: 137582 Expires: Thu, 05 Dec 1997 16:00:00 GMT last-Modified: Wed, 5 August 1996 15:55:28 GMT // This is a blank line... The data contentCopy the code

The response header on the server side is the request protocol version, followed by the status code of the request and a description of the status code, followed by some description of the returned content.

Content-Type

In HTTP 1.0, any resource could be transmitted in a variety of formats, and the client would parse the response body based on the content-Type. So the server must return with this field.

Some common content-Types can be referenced in the comparison table. These Content-Types have a generic name called MIME Types.

About MIME types, here’s an interlude:

In Chrome, when the MIME Type of the data returned from a cross-domain request does not match the MIME type of the cross-domain label, the browser starts CORB to protect the data from being leaked. Protected data includes HTML, XML, and JSON. (The MIME Type supported by eg: script and IMG tags are not the same), so the server must return the correct content-Type when returning the resource, so that the browser does not block the return result.

The problem I have encountered is that after Chrome V76, cross-domain image resources will be blocked when the content-type is not image/*, and the page will not display the image.

features

  • Stateless: The server does not track the requested status
  • No connection: The browser establishes a TCP connection for each request
stateless

For stateless features, the cookie/session mechanism can be used for identity authentication and status recording

There is no connection

There are two types of performance defects caused by no connection:

  • Unable to reuse connections Each time a request is sent, a TCP connection (three handshakes and four waves) is required, resulting in low network utilization
  • Header blocking HTTP 1.0 states that the next request cannot be sent until the response to the previous request arrives. If the previous request is blocked, subsequent requests are blocked as well

The HTTP 1.1

HTTP 1.1 was released six months after the 1.0 release, improving on the 1.0 release. There are also many Internet projects that provide services based on HTTP 1.1.

features

  • Long Connection: The Connection field is added and the keep-alive value can be set to keep the Connection open
  • Pipelining: Based on the long connection above, pipelining can continue to send subsequent requests without waiting for the first response, but the response is returned in the order requested
  • Cache processing: Added field cache-control
  • Breakpoint transmission
A long connection

HTTP 1.1 maintains long connections by default. After data transfer is complete, the TCP connection is kept open and data is transmitted over this channel

pipelining

Based on the long connection basis, let’s look at the request response without pipelining:

TCP is not disconnected, using the same channel

Request 1 > Response 1 --> Request 2 > Response 2 --> Request 3 > Response 3Copy the code

Pipelined request response:

Request 1 --> Request 2 --> Request 3 > Response 1 --> Response 2 --> Response 3Copy the code

Even if the server prepares response 2 first, response 1 is returned in the order requested

Although pipelined, multiple requests can be sent at once, but the response is still returned sequentially, still does not solve the problem of queue head blocking

Cache handling

When a browser requests a resource, it checks whether there is a cached resource. If there is a cached resource, the browser directly obtains the cached resource and does not send another request. If there is no cached resource, the browser sends a request. Cache is controlled by setting the field cache-control.

Breakpoint transmission

When uploading or downloading resources, divide the resources into multiple parts and upload or download them separately. If a network fault occurs, you can continue to upload or download the resources from the places where the resources have been uploaded or downloaded, instead of starting from the beginning to improve efficiency

HTTP 2

Features:

  • Binary framing
  • Multiplexing: Sending requests and responses simultaneously over a shared TCP connection
  • The head of compression
  • Server push: The server can push additional resources to the client without an explicit request from the client

Binary framing

The parsing of HTTP 1.x is based on text. After HTTP 2, all transmitted information is divided into smaller messages and frames, and they are encoded in binary format to improve transmission efficiency

multiplexing

Requests and responses are sent simultaneously on the basis of shared TCP links. Based on binary framing, all accesses under the same domain name are routed through the same TCP connection. HTTP messages are decomposed into separate frames and sent out of order, and the server reassembles the messages according to the identifier and header.

The head of compression

Because HTTP is stateless, each request requires header information to identify the relevant information of the request, so many duplicate information will be transmitted. As the number of requests increases, the consumption of resources will slowly accumulate. Therefore, HTTP 2 can maintain a header dictionary to update header information and reduce the resources occupied by header information transmission. For details, see HTTP/2 Header compression technology.

HTTP and HTTPS

  • HTTPS requires a certificate
  • HTTP and HTTPS use different ports, the former is 80, the latter is 443
  • HTTP runs on TOP of TCP, and all transmitted content is in plain text. HTTPS runs on top of SSL/TLS, and SSL/TLS runs on top of TCP, and all transmitted content is encrypted
  • HTTPS effectively prevents carrier hijacking

At the end

Although HTTP 2 was released in 2015, there are many Internet services using HTTP 1.x version. One of the reasons is that mainstream browsers such as Chrome and Firefox only support HTTP 2 protocol based on TLS deployment. This means you need to upgrade your site to HTTPS. HTTPS, however, requires a certificate.

Of course, if your website has already upgraded to HTTPS, it is very easy to upgrade to HTTP 2. Nginx has Released an open-source nginx release with HTTP/2 Support

Refer to the article

  • www.ruanyifeng.com/blog/2016/0…
  • Imququ.com/post/header…
  • Cloud.tencent.com/developer/n…
  • www.cnblogs.com/Leo_wl/p/10…