What is domain name divergence and domain name convergence?
1. Divergent domain names
To break the limit of concurrent requests for the same domain name, HTTP static resources use multiple subdomains, usually two to four.
The goal is to take full advantage of the multi-threaded concurrent download capabilities of modern browsers.
2. Domain name convergence
Domain name convergence is the opposite of domain name divergence. In this case, static resources are placed under one domain name instead of multiple domain names.
It is mainly to meet the development needs of mobile terminals.
2. Why do browsers have concurrency limits?
- In the past, the network speed is slow, the server hardware is poor, the load capacity is poor, and it is easy to crash
Maximum concurrencyTo limit - Preventing DDOS attacks
What is a DDOS attack? What are the DDOS attacks? How to deal with DDOS attacks?
1. What are DDOS attacks
Distributed denial of Service attacks
Making a large number of simultaneous service requests to the target system.
2. DDOS attacks
- Interfering with or even blocking normal network communication by overloading the network;
- Overload the server by flooding it with requests;
- Blocking a user from accessing the server;
- To block communication between a service and a specific system or person.
3. How to respond to DDOS attacks
- The blacklist
- DDOS cleaning: Monitors user request data in real time and discovers the data in time
DOSClean out abnormal traffic, such as attacks, without affecting normal services. - The CDN to accelerate
- High defense server: high defense server mainly refers to the server that can independently defend against hard 50Gbps or more, can help websites with denial of service attacks, and regularly scan the primary nodes of the network
Four, HTTP request process
- right
www.abc.comThis site is going to beDNSDomain name resolution, get the correspondingIPaddress - According to this
IP, find the corresponding server, initiateTCPThree handshakes - To establish
TCPInitiate after connectionHTTPrequest - Server response
HTTPRequest, the browser getshtmlcode - Browser parsing
htmlCode and requesthtmlResources in the code (e.gjs,css, pictures, etchtmlCode to find these resources) - The browser renders the page to the user
- Server shutdown Shutdown
TCPThe connection
1. How is a DNS domain name resolved?
DNS domain name resolution is based on recursive query
First go to the DNS cache -> cache can not find, go to the root DNS server -> root domain name will go to the next level, recursion search, found, to our web browser.
- The browser first searchesIts own DNS cacheTo see if there is one in the cache
www.abc.comIf this domain name has and has not expired, resolution is over. - If no, the browser searches the DNS cache of the operating system. If the DNS cache does not expire, the browser stops searching and the resolution ends.
- If it is not found in the DNS cache of the operating system, try to read the hosts file. If yes, the resolution succeeds and the resolution ends.
- If it is not found in the hosts file, the browser will initiate oneDomain Name System (DNS)System call to the locally configured preferred DNS serverThe domain name resolution request is initiated(Recursive request)
- The DNS server of the carrier first searches for its own cache. If the DNS server can find the cache without expiration, the resolution succeeds.
- If it is not found, the carrier’s
DNSInitiate for our browserIterate over DNS resolution requests. - Operators DNSThe root domain is first looked upDNS IP address(This DNS server has built-in IP addresses for 13 root DNS domain servers) to find the root domain
DNSAddress, will initiate a request to its (askwww.abc.comWhat is the IP address of this domain name? ). The root domain finds that this is acomDomain (top-level domain), so returncomThe domain ofIPAddress, and then the carrier’s DNS gets the IP address of the COM domain. - Carrier DNSAfter getting the IP address of the COM domain, it initiates an address request to the IP address of the COM domain
www.abc.comWhat is the IP address of this domain name? .comDomain this server tells the carrierDNSI don’t knowwww.abc.comThe IP address of this domain name, but I knowabc.comFor this domain nameDNSThe address? You go find it. - The operator,
DNSAnd toabc.comFor this domain nameDNSAddress to initiate a request, (askwww.abc.comWhat is the IP address of this domain name? - At this time
abc.comThe domain ofDNSThe server searches locally. - Sent the results to the carrier
DNSServer, this time the carrierDNSI got the serverwww.abc.comAnd return to theWindowsThe system kernel, the kernel returns this to the browser, and the browser gets thisIPAddress, go to the next step.
2. TCP three-way handshake
- The client first sends a connection probe.
- After the server listens to the connection request packet, if the server agrees to establish the connection, the server sends the
ClientSend a confirmation. ClientAfter receiving the confirmation, you need to send the confirmation again, and carry the confirmation toServerThe data.
3. Why three handshakes?
- Verify compliance on the server and client
TCP/IPagreement - To prevent a connection request segment that has failed from being suddenly retransmitted to the server, resulting in an error.
4. Why is HTTP protocol implemented based on TCP?
TCP is an end-to-end, reliable, faceted connection protocol. HTTP is based on the transport layer TCP protocol and does not have to worry about data transfer problems (when an error occurs, it will be retransmitted).
5. What is the face to face connection protocol? What about link-oriented protocols?
1. Face to face connection protocol definition
When the two parties communicate, a communication line (virtual) should be established beforehand.
There are three processes of establishing connection, maintaining connection and releasing (disconnecting) connection.
TCP is connection-oriented
2. Definition for non-linked protocols
In contrast to connection-oriented, connectionless means that the communication parties do not need to establish a communication line in advance. Instead, each packet with a destination address is sent to a line and the system independently selects a line for transmission.
Process-oriented connectionless only ** “transfer data” **.
UDP is connectionless
Speaking of three handshakes, how about four waves?
- The client process sends a connection release packet and stops sending data.
- The server receives the connection release packet and sends an acknowledgement packet. At this point, the server enters
CLOSE-WAIT(turn off wait) state. (The client releases the data to the server, but the server sends the data, the client still accepts it) - When the client receives the acknowledgement request from the server, the client enters
FIN-WAIT-2Termination wait 2) state, waiting for the server to send the connection release packet (before receiving the last data sent by the server). - After the server sends the last data, it sends the connection release packet to the client, and the server enters
LAST-ACK(final confirmation) Status, waiting for confirmation from the client. - After receiving the connection release packet from the server, the client must send an acknowledgement to enter the server
TIME-WAIT(time waiting) state. - As soon as the server receives the acknowledgement from the client, it enters immediately
CLOSEDState. Again, undoTCBAfter that, the end of thisTCPThe connection.(The server terminates the TCP connection earlier than the client.)
1. Why four waves
TCP protocol is a connection – oriented, reliable, byte – stream – based transport – layer communication protocol. TCP is in full-duplex mode. This means that when host 1 sends a FIN packet segment, it simply means that host 1 has no data to send. Host 1 tells host 2 that it has sent all data. However, host 1 can still accept data from host 2; When host 2 returns an ACK packet segment, it indicates that it knows that host 1 has sent no data, but host 2 can still send data to host 1. When host 2 also sends the FIN segment, it means that host 2 has no data to send, and it tells host 1, “I have no data to send either.” After that, the TCP connection will be pleasantly terminated.
Why is it that it takes three handshakes to establish a connection and four waves to close it?
During connection establishment, the server is in LISTEN state. After receiving a SYN packet, the server sends an ACK packet and a SYN packet to the client. And close connection, the server receives the other side of the FIN message, just said to each other can no longer send data but also receives the data, and the oneself also is not necessarily all data are sent to each other, so their can immediately shut down, also can send some data to each other, then send the FIN message now agreed to close the connection to the other side, therefore, Your OWN ACK and FIN are usually sent separately, resulting in one more time.
7. What if the connection has been established, but the client suddenly fails?
TCP also has a keepalive timer. However, if the client fails, the server cannot wait forever and waste resources. The server resets the timer every time it receives a request from the client. The time is usually set to two hours. If no data is received from the client within two hours, the server sends a probe segment and then sends it every 75 seconds. If there is no response after 10 consecutive probes, the server considers the client to be faulty and closes the connection.
8. What are the HTTP request modes?
- GET: Requests a representation of the specified resource. use
GETShould only be used to retrieve data. - HEAD: A request with
GETThe response to the request is the same as the response, but without the response body. - POST: Commits the entity to the specified resource.
- PUT: Requests the payload to replace all current representations of the target resource.
- DELETE: Deletes the specified resource.
- OPTIONS: Describes the communication OPTIONS of the target resource.
- PATCH: Modify the resource application part.
- CONNECT: Establishes a tunnel to the server identified by the target resource.
- TRACE: Performs a message loopback test along the path to the target resource.
9, commonly used request status code?
| Status code | meaning | content |
|---|---|---|
| 200 | OK | Indicates that the request was successful. By default, responses with a status code of 200 can be cached |
| 201 | Created | Indicates that the request was successful and a new resource is created as a result. |
| 202 | Accepted | Indicates that the server has received the request message, but has not processed it |
| 203 | Non-Authoritative Information | Indicates that the server successfully processed the request, but the entity header meta information returned is not a definitive collection valid on the original server, but a copy from a local or third party. |
| 204 | No Content | Indicates that the server successfully processed the request, but does not need to return any entity content and wants to return updated meta information. |
| 205 | Reset Content | Indicates that the server successfully processed the request and returned nothing. But unlike a 204 response, a response that returns this status code requires the requester to reset the document view. |
| 206 | Partial Content | Indicates that the server has successfully processed some GET requests. |
| 300 | Multiple Choices | Represents a response status code for a redirect, indicating that the request has multiple possible responses |
| 301 | Moved Permanently | The requested resource has been moved to the url specified by the Location header and is fixed |
| 302 | Found | Indicates that the requested resource was temporarily moved to the URL specified by the Location header |
| 303 | OK | Indicates that the redirect link is not directed to the newly uploaded resource, but to another page, such as a message confirmation page or upload progress page |
| 304 | See Other | Indicates that the redirect link is not directed to the newly uploaded resource, but to another page, such as a message confirmation page or upload progress page |
| 307 | Temporary Redirect | Temporary Redirect is a response status code that indicates a Redirect, indicating that the requested resource was temporarily moved to the URL pointed to by the Location header |
| 308 | Permanent Redirect | Permanent Redirect |
| 400 | Bad Request | Represents a client error, indicating that the server could not understand the request due to invalid syntax |
| 401 | Unauthorized | Represents a client error, indicating that the current request requires user authentication. |
| 403 | Forbidden | Represents a client error. The server understood the request but refused to execute it. |
| 404 | Not Found | Represents a client error, indicating that the server could not find the requested resource |
| 405 | Method Not Allowed | Indicates that the request method specified in the request line cannot be used to request the corresponding resource. |
| 406 | Not Acceptable | Indicates a client error, indicating that the server cannot provide a response that matches the values specified in the Accept-charset and Accept-Language headers |
| 407 | Proxy Authentication Required | An error on behalf of the client refers to a request sent that has not been satisfied due to lack of authentication credentials required by the proxy server that sits between the browser and the server that has access to the requested resource |
| 408 | Request Timeout | Indicates that the server wants to close the connection that is not in use |
| 409 | Conflict | Indicates that the request conflicts with the current server state |
| 410 | Gone | The requested content does not exist on the server and is permanently lost |
| 411 | Length Required | This is a client error, indicating that the server rejected the client’s request because the defined content-Length header field is missing |
| 412 | Precondition Failed | Indicates a client error, indicating that access to the target resource is denied |
| 413 | Payload Too Large | Indicates that the size of the request body exceeds the limit specified by the server. The server can choose to close the connection or return the Retry-After header field |
| 414 | URI Too Long | Indicates that the URI requested by the client exceeds the range allowed by the server |
| 415 | Unsupported Media Type | Indicates that the server refuses to accept a client request because it does not support the format of its payload |
| 416 | Range Not Satisfiable | Means that the server is unable to process the requested data interval, most commonly when the requested data interval is outside the scope of the file |
| 417 | Expectation Failed | Means that the server cannot satisfy the expected conditions in the Expect request header |
| 426 | Upgrade Required | Indicates that the server refuses to process requests sent by the client using the current protocol, but can accept requests sent by the client using the upgraded protocol |
| 428 | Precondition Required | This situation means that the necessary condition headers, such as if-match, are missing |
| 429 | Too Many Requests | The user sent too many requests in a certain amount of time, i.e. exceeded the “frequency limit”. |
| 431 | Request Header Fields Too Large | Indicates that the server rejected the client’s request because the header field in the request was too large |
| 451 | Unavailable For Legal Reasons | Indicates that the server is unable to provide resources requested by the client for legal reasons, such as pages that may lead to legal action |
| 500 | Internal Server Error | Indicates that the server encountered a situation that it does not know how to handle. |
| 501 | Not Implemented | The server error response code indicates that the requested method is not supported by the server and therefore cannot be processed |
| 502 | Bad Gateway | Indicating this error response indicates that the server, acting as the gateway, needed a response to process the request, but got an incorrect response. |
| 503 | Service Unavailable | Indicates that the server is not yet in a state to accept requests |
| 504 | Gateway Timeout | Indicates that the server acting as the gateway or proxy cannot get the desired response within the specified time |
| 505 | HTTP Version Not Supported | Indicates that the server does not support the HTTP version used by the request |
| 511 | Network Authentication Required | Indicates that the client must be authenticated to use the network |
5. Differences between TCP and UDP and application Scenarios
1, UDP
- UDP is on the transport layer
- Is connectionless
- There is no need to establish a reliable connection
- Yes message oriented
- The limitation is to send small package files and have no error handling mechanism. No bag is no bag. You can do something about it, like resend it over time
- One-to-one, one-to-many, many-to-one, many-to-many communication
- Suitable for real-time applications
2, TCP
- TCP is on the transport layer
- TCP is connection-oriented
- Can trust each other to send data, such confidentiality is stronger
- Byte oriented stream
- One-to-one communication
- Suitable for applications with reliable transmission
3. Application scenario
| UDP | TCP |
|---|---|
| An app | web browsing |
| DNS lookups | |
| Broadcast transmission, streaming media | The file transfer |
| Online games | Online games |
6. HTTP and HTTPS
HTTP: HyperText Transfer Protocol (HTTP)
HTTPS: Hypertext Transfer Protocol Secure
1. Differences between HTTP and HTTPS
| Name/Distinction | http | https |
|---|---|---|
| The name of the | Hypertext Transfer Protocol | Hypertext Transfer Security Protocol |
| The default port | 80 | 443 |
| Way to send | cleartext | The encrypted |
| security | Relatively poor security Easy to listen to In disguise Been tampered with |
The security is relatively good Prevent listening To prevent the camouflage To prevent tampering |
| Response speed | Fast response (3 packets) | Slow response (12 packets) TCP three SSL nine |
| The cost of | The lower | The high cost Certificates need to be purchased |
| Link to the cache | Relatively efficient | Is relatively high Increases data overhead and power consumption |
2. HTTPS access process
- Customers to use
httpstheURLaccessWebServer, requirements withWebServer setupSSLThe connection. WebAfter receiving the request from the client, the server sends the certificate information (including the public key) of the website to the client.- Client browser with
WebServer negotiation startsSSLThe level of security of the connection, the level of encryption of the information. - The browser of the client establishes the session key according to the security level agreed by both parties, encrypts the session key using the public key of the website, and sends it to the website.
WebThe server uses its own private key to decrypt the session key.WebThe server encrypts the communication with the client using the session key.
Detailed explanation:
- Client initiation
HTTPSrequest
The user enters an HTTPS url in the browser and connects to port 443 of the server.
- Server Configuration
Refers to the above mentioned digital certificate;
- Send the certificate
After receiving the request from the client, the Web server sends the certificate information (including the public key) of the website to the client.
- The client parses the certificate
The client checks the certificate and verifies whether the public key is valid. If any problem occurs, a warning is displayed. If there are no problems, generate a random value (private key) and continue encryption with the certificate.
- Transmit encrypted information
The client provides the encrypted random value (private key) to the server, and the server decrypts it.
- The server decrypts the information
The server decrypts it to a random value (the private key), and then symmetrically encrypts the contents through that value. Symmetric encryption involves mixing the information to be returned with a random value (private key), so that the data cannot be obtained unless the random value (private key) is known.
- The encrypted information is transmitted
Continue to transfer the encrypted information to the client;
- The client decrypts information
The client uses the previously generated private key (random value) to decrypt the message from the server, and gets the decrypted content.
3. Advantages and disadvantages of HTTPS?
1. The advantages
- Send data to the client correctly
The HTTPS protocol authenticates users and servers, ensuring that data is sent to the correct client and server
- A more secure
HTTPS is a network protocol based on SSL and HTTP for encrypted transmission and identity authentication. It is more secure than HTTP and prevents data from being stolen or changed during transmission, ensuring data integrity
- Increase the cost of man-in-the-middle attacks
HTTPS is the most secure solution under the current architecture, and while not absolutely secure, it dramatically increases the cost of man-in-the-middle attacks.
- Higher search rankings
In 2014, Google jumped its search algorithm to allow sites that use HTTPS encryption to rank higher in search results
Baidu also released its support for HTTPS sites in 2018, indicating that HTTPS will affect search ranking as one of the quality features.
2 and disadvantages
- Page rendering takes more time
Because of SSL, the HTTPS handshake phase is time-consuming, which can increase the page loading time by nearly 50%.
- The cost increase
SSL certificates cost money. The more powerful the certificate, the higher the fee.
- HTTPS connection caching is not as efficient as HTTP
HTTPS connection caching is not as efficient as HTTP, which increases data overhead and power consumption, even affecting existing security measures.
- An SSL certificate is usually bound to an IP address
SSL certificates usually need to be bound to IP addresses, and cannot be bound to multiple domain names on the same IP address. IPv4 resources cannot support this consumption.
- There are limitations
The HTTPS protocol also has a limited range of encryption, making it almost useless for hacking, denial of service attacks, and server hijacking. Crucially, the credit chain system for SSL certificates is not secure, especially in cases where countries can control the CA root certificate, and man-in-the-middle attacks are also possible.
4. How to optimize HTTPS performance?
1. Optimize HTTPS access speed
- Set the HSTS
The server returns an HSTS HTTP header, and after the browser gets the HSTS header, for a period of time, whether the user typed www.baidu.com or http://www.baidu.com, By default, the request is internally redirected to https://www.baidu.com.
- Session resume
Session Resume, as the name implies, is to reuse sessions and simplify handshakes.
1. Reduced CPU consumption, because there is no need for asymmetric key exchange calculation. 2. Improve the access speed, do not need to complete the handshake phase 2, save a RTT and calculation time.Copy the code- Nginx sets the Ocsp stapling
OSCP Stapling works in a simple way: when the browser initiates a Client Hello, it carries a certificate Status request extension. After seeing this extension, the server returns the OCSP content directly to the browser to complete the certificate status check. Since the browser does not need to query the certificate status directly from the CA site, the access speed improvement is significant.
- use
SPDYorHTTP2
The most important feature of SPDY is multiplexing, the ability to send multiple HTTP requests together over the same connection, unlike the current HTTP protocol, which can only send requests one by one in serial.
HTTP2, which supports multiplexing, has the same effect.
1. Current implementations of SPDY and HTTP2 use the HTTPS protocol by default. 2. Both SPDY and HTTP2 support existing HTTP semantics and apis, making them almost transparent to WEB applications.Copy the code- False start
The simple principle of False Start is that the application layer data is sent together when client_KEY_exchange is emitted, which can save an RTT.
2. HTTPS computing performance optimization
- ECC ellipse encryption arithmetic is preferred.
ECC elliptic encryption arithmetic is much faster than ordinary discrete logarithm calculation performance.
- Use the latest version of OpenSSL.
In general, new versions of OpenSSL are faster and more secure than their predecessors.
- Hardware acceleration solution.
- Special acceleration card for SSL.
- GPUSSL acceleration.
- TLS Remote proxy calculation
Seven, HTTP / 2
1. Set goals for HTTP /2 projects
- Page load time (PLT) reduced by 50%.
- There is no need for the site author to change anything.
- Minimizes deployment complexity without changing network infrastructure.
- Work with the open source community to develop this new protocol.
- Collect real performance data to verify the validity of experimental protocols.
2. HTTP /2 feature
1. Binary frame layer
At the heart of all HTTP/2 performance enhancements is the new binary framing layer, which defines how HTTP messages are encapsulated and transmitted between clients and servers.
2. Multiplexing (request and response multiplexing)
The new binary frame-splitting layer in HTTP/2 breaks through these limitations and enables complete request and response reuse: clients and servers can split HTTP messages into independent frames, interlace them, and reassemble them at the other end.
3. Priority of the data flow
After splitting an HTTP message into many separate frames, we can reuse frames from multiple data streams, and the order in which the client and server interleave and transmit these frames becomes a key performance determinant. To do this, the HTTP/2 standard allows each data stream to have an associated weight and dependency:
- Each data stream can be assigned an integer between 1 and 256.
- There can be explicit dependencies between each data flow and other data flows.
4. One connection per source
Each data stream is split into many frames, which can be interleaved and prioritized separately. As a result, all HTTP/2 connections are permanent and require only one connection per source, with many performance benefits.
5. Flow control
Flow control is a mechanism that prevents a sender from sending a large amount of data to a receiver that exceeds the needs or processing capacity of the receiver: the sender may be very busy, under high load, or may simply want to allocate a fixed amount of resources to a particular data flow.
6. Server push
Another powerful new addition to HTTP/2 is the ability for servers to send multiple responses to a single client request. In other words, in addition to responding to the original request, the server can push additional resources to the client without the client explicitly requesting them.
7. Header compression
Each HTTP transport hosts a set of headers that describe the resources and their properties of the transport.
HTTP/2 compresses request and response header metadata using the HPACK compression format, which uses two simple but powerful techniques:
- This format enables the encoding of the transmitted header fields through static Huffman code, thereby reducing the size of the individual transfers.
- This format requires both the client and server to maintain and update an indexed list of previously seen header fields (in other words, it establishes a shared compression context), which is then used as a reference to effectively encode previously transmitted values.
Talk about HTTP caching
1. What is caching? What’s the point?
Definition: Caching is a technique for keeping a copy of a resource and using it directly on the next request.
Function:
- Can significantly improve web site and application performance.
- Reduced wait times and network traffic
- Reduces the time required to display a resource representation.
- The page is more responsive.
- Relieve pressure on the server and improve performance.
2. Do you know what caching methods are available?
- Browser cache
- Proxy cache
- Gateway caches
- CDN cache
- Reverse proxy cache
3. Cache location
- Service Worker
- Memory Cache
- Disk Cache
- Push Cache
1. Service Worker
The Service Worker’s caching is different from the browser’s other built-in caching mechanisms in that it gives us the freedom to control which files are cached, how the cache matches, how the cache is read, and that the caching is continuous.
2. Memory Cache
The reads are efficient, but the duration is short. Once the Tab page is closed, the in-memory cache is freed.
3. Disk Cache
Low read speed, advantages in capacity and storage timeliness,
4. Push Cache
Push Cache is HTTP /2 content that exists only in sessions and is released once the Session ends and is cached for a short period of time.
4. How does HTTP caching work?
HTTP caches are divided into mandatory caches and negotiated caches
1. Force cache
Forced caching means that the file is fetched directly from the cache without the need to send a request
2. Negotiate the cache
Negotiated cache means that the file has been cached, but whether to read from the cache needs to be negotiated with the server, depending on the header/response header field Settings.
The negotiation cache will still send the request.
3. Strong cache –Cache-Control
Cache-control Generic header field, used in HTTP requests and responses to specify directives to implement caching mechanisms.
1. Cache request instructions
Cache-Control: max-age=<seconds>
Cache-Control: max-stale[=<seconds>]
Cache-Control: min-fresh=<seconds>
Cache-control: no-cache
Cache-control: no-store
Cache-control: no-transform
Cache-control: only-if-cached
Copy the code2. Cache response instructions
Cache-control: must-revalidate
Cache-control: no-cache
Cache-control: no-store
Cache-control: no-transform
Cache-control: public
Cache-control: private
Cache-control: proxy-revalidate
Cache-Control: max-age=<seconds>
Cache-control: s-maxage=<seconds>
Copy the code3. Instruction interpretation
| Instruction of | explain |
|---|---|
| public | Indicates that the response can be cached by any object (client, proxy server, and so on). |
| private | Indicates that the response can only be cached by a single user, not as a shared cache (that is, the proxy server cannot cache it). |
| no-cache | Force the cache to submit the request to the original server for validation (negotiated cache validation). |
| no-store | Do not use any caching. |
max-age=<seconds> |
Set the maximum period for cache storage. |
s-maxage=<seconds> |
Overwrite the max-age or Expires header, but only for shared caches (such as individual proxies); private caches ignore it. |
max-stale[=<seconds>] |
Indicates the amount of time in which in-time cache expiration also applies to caching |
min-fresh=<seconds> |
Indicates how long it takes to get the latest response |
| must-revalidate | Once the resource has expired (for example, it has exceeded max-age), the cache cannot respond to subsequent requests with the resource until it has been successfully authenticated to the original server. |
| proxy-revalidate | Same effect as must-revalidate, but it only applies to shared caches (such as proxies) and is ignored by private caches. |
| immutable | Indicates that the response body does not change over time. |
| no-transform | No conversion or transformation of resources is permitted. |
| only-if-cached | The client accepts only cached responses and does not check to the original server for an updated copy. |
4. Negotiate the cache validity process
1. Browser’s first request:
2. Browser’s second request:
Refer to the content
- HTTP status code and description
- A complete HTTP request process is detailed
- TCP three handshakes and four waves
- http MDN
- The difference between HTTP and HTTPS
- Baidu’s EXPERIENCE in HTTPS performance optimization
- Introduction to HTTP/2
- HTTP caching
- HTTP caching mechanism and principle
- HTTP/2 push is tougher than I thought