II. HTTP protocol
1 Basic Concepts
1.1 Message Format
- A request message consists of the request method, request URI, protocol version, optional request header fields, and content entities.
- The response message basically consists of the protocol version, the status code (the numeric code indicating the success or failure of the request), the reason phrase used to explain the status code, the optional response header field, and the entity body.
1.2 Stateless
- HTTP is a protocol that does not save state
- With HTTP, a new response is generated whenever a new request is sent. The protocol itself does not retain information about all previous request or response messages. The HTTP protocol is designed to be so simple in order to process a large number of transactions more quickly and ensure protocol scalability.
- Although HTTP/1.1 is a stateless protocol, Cookie technology was introduced in order to achieve the desired state retention function. With cookies and HTTP communication, you can manage state.
1.3 HTTP methods
- GET and POST are most commonly used
- The HEAD method is the same as the GET method, except that it does not return the message body. It is used to verify the validity of a URI and the date and time a resource was updated.
- PUT and DELETE have no authentication mechanism of their own, so anyone can upload or delete files, which causes security problems. They may be opened for use when combined with the Web application's validation mechanism, or when complying with REST standards.
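An added example (not from the original notes) of combining PUT and DELETE with an application-level check: a WSGI middleware that lets other methods through but answers PUT and DELETE with 401 unless the request carries a valid token. The bearer-token scheme, `API_TOKEN`, `require_auth_for_writes` and `file_app` are assumptions made for the illustration.

```python
import hmac
from wsgiref.util import setup_testing_defaults

API_TOKEN = "constructed-demo-token"   # assumption: a real app loads this from a secret store
PROTECTED_METHODS = {"PUT", "DELETE"}  # methods with no authentication of their own

def require_auth_for_writes(app):
    """Wrap a WSGI app so PUT/DELETE only reach it with a valid bearer token."""
    def guarded(environ, start_response):
        if environ["REQUEST_METHOD"].upper() in PROTECTED_METHODS:
            scheme, _, token = environ.get("HTTP_AUTHORIZATION", "").partition(" ")
            ok = scheme.lower() == "bearer" and hmac.compare_digest(
                token.encode(), API_TOKEN.encode())   # constant-time comparison
            if not ok:
                start_response("401 Unauthorized",
                               [("WWW-Authenticate", "Bearer"), ("Content-Length", "0")])
                return [b""]
        return app(environ, start_response)
    return guarded

def file_app(environ, start_response):
    """Stand-in for the application that would store or delete the file."""
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [environ["REQUEST_METHOD"].encode() + b" handled\n"]

def send(method, authorization=None):
    """Drive the guarded app with a constructed request and return the status line."""
    environ = {"REQUEST_METHOD": method, "PATH_INFO": "/upload/report.txt"}
    setup_testing_defaults(environ)    # fills in the remaining WSGI keys
    if authorization:
        environ["HTTP_AUTHORIZATION"] = authorization
    seen = []
    body = require_auth_for_writes(file_app)(environ, lambda status, headers: seen.append(status))
    b"".join(body)                     # consume the response body
    return seen[0]

if __name__ == "__main__":
    for method, auth in [("GET", None), ("PUT", None), ("DELETE", "Bearer wrong"),
                         ("PUT", "Bearer " + API_TOKEN)]:
        print(method, auth, "->", send(method, auth))
```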
1.4 Persistent connection and pipelining techniques
- Persistent connection: after a TCP connection is established, multiple requests and responses are exchanged over it.
- This reduces the overhead caused by the repeated establishment and disconnection of TCP connections and reduces the load on the server side.
- This reduced overhead allows HTTP requests and responses to end earlier, which increases the speed of Web page display.
- In HTTP/1.1, all connections are persistent by default.
- Pipelining enables multiple requests to be sent simultaneously in parallel without having to wait for one response after another.
- Pipelining is faster than persistent connections. The more requests there are, the more significant the time difference becomes.
2 HTTP message
2.1 Packet Structure
2.2 Encoding
- HTTP can transmit data as it is, but encoding the data during transmission can improve the transmission rate. Encoding at transfer time allows a large number of access requests to be handled efficiently. However, the encoding has to be performed by the computer, so it consumes more resources such as CPU.
- Generally, the message body is equal to the entity body. Only when an encoding operation is applied in transmission does the content of the entity body change, making it different from the message body.
- Common content encoding
- Chunked transfer coding: when transferring a large amount of data, dividing the data into chunks lets the browser display the page gradually.
2.3 Multi-part Object Collection
The body of a sent message can contain multiple types of entities. Usually used when uploading images or text files, etc.
- multipart/form-data: used when uploading files through a Web form.
- multipart/byteranges: used when a response with status code 206 contains multiple ranges of content.
2.4 Range Request
If network interruption occurs during the download process, the download can be resumed from the previous download break.
- For a range request, a 206 Partial Content response message is returned.
- For a request with multiple ranges, the response message carries a Content-Type header indicating multipart/byteranges.
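The range handling described above, as an added example (not from the original notes): it parses a Range header and builds either a single-range 206 response or a multipart/byteranges one. The 416 answer for unsatisfiable ranges, the `MAX_RANGES` cap, the fixed `BOUNDARY` and the function names are assumptions of this sketch.

```python
import re

BOUNDARY = "CONSTRUCTED_BOUNDARY"  # assumption: a real server generates a random boundary
MAX_RANGES = 8                     # assumption: cap so one request cannot ask for a huge fan-out

def parse_ranges(header, size):
    """Return inclusive (start, end) pairs; None means 'ignore the Range header'."""
    m = re.fullmatch(r"bytes=(.+)", header.strip())
    specs = m.group(1).split(",") if m else []
    if not specs or len(specs) > MAX_RANGES:
        return None
    out = []
    for spec in specs:
        part = re.fullmatch(r"\s*(\d*)-(\d*)\s*", spec)
        if not part or part.group(1) == part.group(2) == "":
            return None                       # malformed spec
        first, last = part.groups()
        if first == "":                       # suffix form "-N": the last N bytes
            if int(last) == 0:
                continue
            start, end = max(size - int(last), 0), size - 1
        else:
            start = int(first)
            end = min(int(last), size - 1) if last else size - 1
            if last and int(last) < start:
                return None                   # end before start is invalid
        if start < size:                      # ranges starting past the end are dropped
            out.append((start, end))
    return out

def respond(body, range_header=None, ctype="text/plain"):
    """Return (status, headers, payload) for a GET on `body`."""
    total = len(body)
    ranges = parse_ranges(range_header, total) if range_header else None
    if ranges is None:
        return 200, {"Content-Type": ctype}, body
    if not ranges:
        return 416, {"Content-Range": f"bytes */{total}"}, b""
    if len(ranges) == 1:
        s, e = ranges[0]
        return 206, {"Content-Type": ctype, "Content-Range": f"bytes {s}-{e}/{total}"}, body[s:e + 1]
    payload = b""
    for s, e in ranges:
        payload += (f"--{BOUNDARY}\r\nContent-Type: {ctype}\r\n"
                    f"Content-Range: bytes {s}-{e}/{total}\r\n\r\n").encode() + body[s:e + 1] + b"\r\n"
    payload += f"--{BOUNDARY}--\r\n".encode()
    return 206, {"Content-Type": f"multipart/byteranges; boundary={BOUNDARY}"}, payload

SAMPLE = b"0123456789abcdefghij"   # constructed 20-byte resource
```

Resuming an interrupted download corresponds to the open-ended form, for example `respond(SAMPLE, "bytes=15-")`.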
2.5 Content Negotiation
The client and server negotiate the content of the resource to be returned, using the language, character set, encoding, and so on of the response resource as the criteria.
- The header field in the request message
- Accept
- Accept-Charset
- Accept-Encoding
- Accept-Language
- Content-Language
3 HTTP status code
A status code, such as 200 OK, consists of three digits and a reason phrase.
3.1 2xx
- 200 OK: the request was processed normally.
- 204 No Content: used when information only needs to be sent from the client to the server, and no new content needs to be sent to the client.
- The page displayed by the browser is not updated. For example, if the response code for an a tag (link) is 204, the page does not jump.
- 206 Partial Content: the client made a range request, and the server successfully executed that part of the GET request.
3.2 3xx
When the browser receives Location: XXXX in the response header, it automatically jumps to the URL that XXXX points to, which is similar to writing a jump with JS.
- 301 Moved Permanently: the requested resource has been permanently assigned a new URI. You are advised to update the bookmarked URI.
- 302 Found: the requested resource has been assigned a new URI, which may change in the future.
- 303 See Other: another URI exists for the requested resource; use the GET method to obtain it.
- 304 Not Modified: the client sent a conditional request and the server allows access to the resource, but the condition is not met.
- A conditional request is a GET request message that contains any of the If-Match, If-Modified-Since, If-None-Match, If-Range, or If-Unmodified-Since headers.
- Although 304 is classified as 3XX, it has nothing to do with redirection.
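The conditional-request exchange that ends in 304, as an added example (not from the original notes): the server hands out validators on the first GET and answers 304 with no body when the client presents them again. Deriving the ETag from a truncated SHA-256 and the names `make_etag`, `conditional_get` and `demo` are assumptions of this sketch.

```python
import hashlib
from datetime import timezone
from email.utils import formatdate, parsedate_to_datetime

def make_etag(body: bytes) -> str:
    """Assumption: the validator is a truncated SHA-256 of the content."""
    return '"' + hashlib.sha256(body).hexdigest()[:16] + '"'

def conditional_get(body, mtime, request_headers):
    """Return (status, headers, payload), honouring If-None-Match / If-Modified-Since."""
    etag = make_etag(body)
    validators = {"ETag": etag, "Last-Modified": formatdate(mtime, usegmt=True)}
    inm = request_headers.get("If-None-Match")
    ims = request_headers.get("If-Modified-Since")
    not_modified = False
    if inm is not None:                       # If-None-Match takes precedence over the date
        tags = [t.strip().removeprefix("W/") for t in inm.split(",")]
        not_modified = "*" in tags or etag in tags
    elif ims is not None:
        try:
            since = parsedate_to_datetime(ims)
            if since.tzinfo is None:          # treat zone-less dates as UTC
                since = since.replace(tzinfo=timezone.utc)
            not_modified = int(mtime) <= since.timestamp()
        except (TypeError, ValueError):
            not_modified = False              # unparseable date: ignore the condition
    if not_modified:
        return 304, validators, b""           # no body; the client reuses its cached copy
    return 200, validators, body

def demo():
    """Constructed exchange: first fetch, revalidation, revalidation after an edit."""
    v1, v2, mtime = b"<h1>v1</h1>", b"<h1>v2</h1>", 1700000000
    s1, h1, _ = conditional_get(v1, mtime, {})
    s2, _, _ = conditional_get(v1, mtime, {"If-None-Match": h1["ETag"]})
    s3, _, _ = conditional_get(v2, mtime + 60, {"If-None-Match": h1["ETag"]})
    return [s1, s2, s3]

if __name__ == "__main__":
    print(demo())
```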
3.4 4xx
Indicates that the client is the cause of the error.
- 400 Bad Request: syntax errors exist in the request message.
- 401 Unauthorized: the request requires HTTP authentication information. If the request has already been made once before, it indicates that user authentication failed.
- 403 Forbidden: access to the requested resource is denied by the server.
- 404 Not Found: the requested resource cannot be found on the server.
- It can also be used when the server rejects the request without giving a reason.
3.5 5xx
- 500 Internal Server Error: an error occurred on the server side while executing the request.
- 503 Service Unavailable: the server is temporarily overloaded or is down for maintenance and cannot process requests.
4 Applications that forward communication data
In HTTP communication, in addition to clients and servers, there are applications for forwarding communication data, such as proxies, gateways, and tunnels. Requests can be forwarded to the next server on the line, and responses sent from that server can be received and forwarded to the client.
4.1 Proxy
A proxy is a forwarding application that acts as a "middleman" between the server and the client, receiving requests sent by the client and forwarding them to the server, and receiving responses returned by the server and forwarding them to the client.
- Each time a request or response is forwarded through a proxy server, Via header information is appended.
4.2 Gateway
A gateway is a server that forwards communication data from other servers, and when it receives a request from a client, it processes the request as if it were a source server with its own resources. Sometimes the client may not even realize that its communication target is a gateway.
- The gateway enables the server on the communication line to provide non-HTTP services.
- Using gateways improves communication security because the communication line between the client and gateway can be encrypted to secure the connection.
4.3 Tunnel
A tunnel is an application that relays communication between a remote client and a remote server.
5 HTTP header
5.1 General Header Field
Header used by both request and response messages.
- Cache-Control: controls the working mechanism of the cache.
- no-cache indicates that expired resources are not cached. The cache processes the resource after the origin server has confirmed its validity period. no-store indicates that expired resources are not cached.
- Connection
- Controls header fields that are no longer forwarded by proxies
- Manages persistent connections
- The default connection for HTTP/1.1 is persistent. When the server wants to explicitly disconnect, it sets the value of the Connection header field to close.
- The default connection for HTTP versions prior to HTTP/1.1 was non-persistent. To maintain a persistent connection, specify the value Keep-Alive in the Connection header field.
- Via: used to track the transmission path of request and response messages between the client and the server.
5.2 Request Header Field
Header used to send request packets from the client to the server. This section provides additional information about the request, client information, and priority of the response.
- Accept-Encoding: tells the server which content encodings the user agent supports and the priority order of those encodings.
- Host: virtual hosts run on the same IP address, so the Host header field is used to distinguish them.
- The Host header field is the only header field in the HTTP/1.1 specification that must be included in the request. If the server does not have a host name, send a null value.
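An added example (not from the original notes) that ties the request message format from section 1.1 to the Host rule above: it splits a raw request into request line, header fields and body, then uses Host to pick a virtual host. Rejecting repeated Host fields and unknown host names with 400, and the `VHOSTS` names, are policy assumptions of this sketch.

```python
def parse_request(raw: bytes):
    """Split a raw request into (method, uri, version, headers, body).
    headers is a list of (name, value) pairs so that duplicates stay visible."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("header section is not terminated by an empty line")
    lines = head.decode("iso-8859-1").split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        raise ValueError("malformed request line")
    headers = []
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        if not colon or not name or name != name.strip():
            raise ValueError(f"malformed header line: {line!r}")
        headers.append((name.lower(), value.strip()))
    return parts[0], parts[1], parts[2], headers, body

VHOSTS = {"www.example.com": "site-a", "blog.example.com": "site-b"}  # constructed names
DEFAULT_SITE = "default-site"   # used when no host name is given

def route(raw: bytes):
    """Return (status, site): 400 for a bad message or Host field, else the chosen site."""
    try:
        method, uri, version, headers, body = parse_request(raw)
    except ValueError:
        return 400, None
    hosts = [value for name, value in headers if name == "host"]
    if len(hosts) > 1 or (version == "HTTP/1.1" and not hosts):
        return 400, None                      # HTTP/1.1 needs exactly one Host field
    host = hosts[0].split(":")[0].lower() if hosts else ""
    if host == "":
        return 200, DEFAULT_SITE              # empty value: the server has no host name
    site = VHOSTS.get(host)
    return (200, site) if site else (400, None)

# Constructed sample messages
GOOD = b"GET /index.html HTTP/1.1\r\nHost: blog.example.com\r\nAccept: */*\r\n\r\n"
NO_HOST = b"GET /index.html HTTP/1.1\r\nAccept: */*\r\n\r\n"
TWO_HOSTS = b"GET / HTTP/1.1\r\nHost: www.example.com\r\nHost: blog.example.com\r\n\r\n"

if __name__ == "__main__":
    for message in (GOOD, NO_HOST, TWO_HOSTS):
        print(route(message))
```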
5.3 Response header Field
Header used when the server returns a response message to the client. It supplements the response with additional information and may also require the client to attach additional content information.
5.4 Entity Header Field
The header used for the entity portion of request and response messages. It adds entity-related information such as when the resource content was updated.
5.5 Header fields related to cookies
- Set-Cookie