1. Introduction to HTTP
- HTTP stands for Hyper Text Transfer Protocol. It is a Protocol used to Transfer hypertext from WWW:World Wide Web servers to local browsers. All WWW files must comply with this standard
- HTTP is a TCP/ IP-based communication protocol to transfer data (HTML files, image files, query results, etc.)
- HTTP is an object-oriented protocol belonging to the application layer. Because of its simple and fast way, it is suitable for distributed hypermedia information system. Made up of requests and responses, it is a standard client-server model. HTTP is a stateless protocol
- The HTTP protocol works on a client-server architecture. As the HTTP client, the browser sends all requests to the HTTP server, namely the WEB server, through the URL. The Web server sends response information to the client based on the received request
Two, HTTP main features
- Client and server mode: HTTP works on the client server architecture. As the client, the browser sends requests to the server and Web server through URLS. The Web server sends response information to the client based on the received requests
- Simple and fast: When a client requests a server, it only needs to send the request method and path. The request methods include POST and GET. Each method defines the client and server, and the connection type is different. Because HTTP protocol is simple, the HTTP server program is small and the communication speed is fast
- Flexibility: HTTP allows the transfer of any type of data object
- Connectionless: The meaning of connectionless is to limit processing to one request per connection. The server disconnects from the customer after processing the request and receiving the reply from the customer. In this way, transmission time can be saved
- Stateless: Stateless means that the protocol has no memory for transaction processing. If previous information is required for subsequent processing, it must be retransmitted. As a result, the amount of data in each connection may increase
HTTP request structure
An HTTP request packet consists of three parts (request line + request header + request body).
HTTP request structure:
3.1 request line
Request line: consists of the request field, URL field, and HTTP protocol version field. They are separated by Spaces, for example: HTTP/1.1\r\n According to the HTTP standard, HTTP requests can use multiple request methods. HTTP1.0 defines three request methods: GET, POST, and HEAD. HTTP1.1 adds five new request methods: OPTIONS, PUT, DELETE, TRACE, and CONNECT
| The serial number | methods | describe |
|---|---|---|
| 1 | GET | Requests the specified page information and returns the entity body |
| 2 | POST | Submit data to a specified resource to process a request (such as submitting a form or uploading a file). The data is contained in the request body. POST requests may result in the creation of new resources or the modification of existing resources |
| 3 | HEAD | Similar to a GET request, except that there is no concrete content in the response returned, which is used to retrieve the header |
| 4 | PUT | Data transferred from the client to the server replaces the contents of the specified document |
| 5 | DELETE | Asks the server to delete the specified page |
| 6 | CONNECT | Reserved in HTTP/1.1 for proxy servers that can pipe connections |
| 7 | OPTIONS | Allows clients to view server performance |
| 8 | TRACE | The command output displays the requests received by the server for testing or diagnosis |
3.2 Request Headers
Request headers: AN HTTP client (such as a browser) must specify the request type (usually GET or POST) when sending a request to the server. The client may choose to send other headers if necessary. Most request headers are not required, with the exception of Content-Length, which must be present for POST requests
A request header notifies the server about a request from a client. A typical request header is:
| The method name | describe |
|---|---|
| Content-Length | Represents the length of the request message body |
| Host | The requested host name allows multiple domain names to reside at the same IP address, that is, virtual host |
| User-Agent | The browser type and operating system that sends the request |
| Accept | A list of client-recognized content types that specify which types of information the client receives |
| Accept-Encoding | The data encoding that is recognized by the client |
| Accept-Language | Represents the language type supported by the browser |
| Connection | Allow clients and servers to specify options related to request/response connections, such as keep-alive to Keep the connection |
| Transfer-Encoding | Inform the receiver of the encoding mode used to ensure reliable transmission of packets |
| Cookie | The client can bring data to the server, just one of the most important pieces of information |
| Referer | The URL of the page making the request |
3.3 a blank line
Its role is to tell the server that the request header has stopped
3.4 Request Body
- If the method is GET, this item is empty. (The data is in the URL address bar)
- If the method is a POST field, the data to be submitted is usually placed
Case study:
4. HTTP response structure
HTTP response structure:
An HTTP response packet consists of three parts: the status line, the response header, and the response body
4.1 response line
Response line: describes the status of the response, usually consisting of the protocol version, status code and its description. For example, HTTP/1.1 200 OK\r\n, where the protocol version HTTP/1.1 or HTTP/1.0, 200 is its status code, and OK is its description.
There are five possible values:
| Status code | describe |
|---|---|
| 1XX(100-199), | Indication message – Indicates that the request has been received and processing continues |
| 2XX(200-299), | Success – Indicates that the request has been successfully received, understood, received |
| 3XX(300-399), | Redirect – Further action must be taken to complete the request |
| 4XX(400-499), | Client error – The request has a syntax error or the request cannot be implemented |
| 5XX(500-599), | Server error – The server failed to fulfill a valid request |
Common status codes:
| Status code | describe |
|---|---|
| 200 OK | Normal return message |
| 400 Bad Request | The client request has a syntax error and cannot be understood by the server |
| 401 Unauthorized | Unauthorized request. This status code must be used with the wwW-Authenticate header field |
| 403 Forbidden | The server received the request but refused service |
| 404 Not Found | The requested resource does not exist, eg entered an incorrect URL |
| 500 Internal Server Error | An unexpected error occurred on the server |
| 503 Server Unavailable | The server cannot process client requests. However, the server may recover after a period of time |
4.2 Response Headers
Response header: Basic information that describes the server and a description of the data that the server can use to tell the client what to do with the data it sends back later.
| methods | describe |
|---|---|
| Server | The server tells the browser the type of server through this header |
| Date | Indicates the time when the message is sent |
| Allow | Which request methods (GET, POST, etc.) are supported by the server |
| Content-Encoding | Encode methods of documents |
| Content-Length | Represents the length of the content. This data is required only if the browser uses a persistent HTTP connection |
| Content- Type | What MIME type does the following document belong to |
| Expires | Tells the browser how long to cache the returned resource. -1 or 0 means no cache |
| Server | The server tells the browser the type of server through this header |
| WWW-Authenticate | What type of Authorization information should the customer provide in the Authorization header |
| Transfer-Encoding | Tells the browser the format of the data transfer |
| Access-Control-Allow-Origin | Its value is either the value of the Origin field at the time of the request, or an *, indicating acceptance of requests for any domain name |
| Access-Control-Allow-Credentials | This field is optional. Its value is a Boolean value indicating whether cookies are allowed to be sent |
4.3 Response Header
The response header is the message body of the response, which contains the content of the response. It can contain HTML code, images, and so on. A body consists of the bytes of data that are transmitted immediately after the header in an HTTP message.
Case study:
Five, browser input URL, press Enter after the request process
See my previous article on TCP’s three handshakes and four waves: blog.csdn.net/qq_14996421…
1. DNS resolution:
When we browser will search browser first own DNS cache, which is to find in our hosts file, if the browser cache itself could not find the DNS cache can view the system, if found and no overdue the stop search resolution to this end, and if the machine is not find a DNS cache, the browser will launch a DNS system calls, It sends a domain name resolution request to the preferred DNS server configured locally and eventually finds the IP address corresponding to our domain name.
2. TCP resolution: After obtaining the IP address corresponding to the domain name, the User-agent (generally refers to the browser) will use a random port (1024< port < 65535) to initiate a TCP connection request to the WEB program (commonly used HTTPD,nginx, etc.) port 80 of the server. This connection request reaches the server, enters the network card, then enters the kernel TCP/IP protocol stack, and finally reaches the WEB application, and finally establishes the TCP/IP connection
3. Send an HTTP request: Sends an HTTP request after establishing a TCP connection. The server processes the request and returns an HTTP packet: After receiving and processing the request, the server returns an HTTP response packet. A response packet is basically the same as a request packet, consisting of a response line, a response header, a blank line, and an entity. 6. End of connection: TCP wave four times, port connection
The difference between Cookie and Session
6.1 Cookie Introduction:
- Is a special message sent by the server to the client and stored in the client in the form of text
- The Cookie is sent back when the client requests it again
- The server receives the Cookie and parses the content of the Cookie to the client
Cookie setting and sending process:
6.2 Session Introduction:
- Server side mechanism, information stored on the server
- Parse client requests and manipulate session ids, saving status information as needed
6.3 Differences between Cookies and Sessions
- Cookie data is stored on the client’s browser, and Session data is stored on the server
- Session is more secure than Cookie
- If you want to lighten the load on your server, you should use cookies
Seven,
Here, HTTP protocol explanation is completed, the above is the understanding of the blogger for HTTP, some partners feel wrong or can be more optimized, you can put forward in the comment area, for the article does not understand the partners can leave a message for questions or discussion, today’s HTTP protocol explanation is here, everyone refuelling ~