List of topics we cover in this article:
- What is Hypertext Transfer Protocol (HTTP)?
- HTTP Messages
- Request Message
- Response Message
- HTTP Methods and Status Codes
- Limitations of HTTP
HYPER TEXT TRANSFER PROTOCOL
What is Hypertext Transfer Protocol?
Hypertext transfer protocol is a networking protocol used on world wide web and this protocol uses client server architecture where browser is a client that communicates with server and this browser uses HTTP over TCP to communicate to the server.
HTTP is mostly used protocol over the internet and it is a connectionless protocol. And this protocol is replaced with HTTP-NG(Next Generation) which delivers the high performance and additional features.
There are two types of HTTP versions:
- HTTP/1.1(latest version)
In this latest version the connection can be used multiple times where this feature is not available in the old version.
How the HTTP connection requests:
- Server is opened
- Request is sent to the server
- Processing will be done by server
- Server will send the response
- Connection is closed
- HTTP Messages:
- All communication process will be done via HTTP Messages
- Message Format:
it will convey the nature of the messages
<header-name>:<header-value> separated by a column
Optional: it carries a set of information to be communicated between the client and the server.
- Request message Format:
- Response Message Format:
Uniform Resource identifier is used to identify the resource and also to establish the connection. Once the connection is established, HTTP messages are transformed in a format of internet mail [RFC5322] and the multipurpose internet Mail extensions [RFC2045] and these messages include Request from client to server and Responses from server in the form of above format.
- HTTP Methods:
- Series of commands are used by the client to prompt the server to act.
- All methods should be upper letters only.
- Most common types
- GET method is used to retrieve the resource specified by the URL.
- Whenever the client requests the URL is correct or not and server has to respond immediately to the client.
- If the request cannot be processed correctly it will result error message.
- HEAD method is same as GET it tells the server to not to send the actual body of the message.
- It is mainly used by the client to check the existence status or size of a file before downloading.
- Suppose let’s take an example if you want to download the object but your data limit is 2GB when you get an object the size is 10GB which you can initiates the head request that the size is 10GB. This is very much useful in download managers and when you are playing video.
- POST method allows client to send an entity containing arbitrary data to the server for processing.
- It enables client to submit information such as interactive HTML form to a program on the sever.
- However, GET method can also used to send the data from client to server but there are some differences between GET and POST.
- In GET method we can send the data in the form of URL and use parameters to send the data. Suppose you request the username and password and this is the limitation on the length of the URL where as in POST there is no limitation.
- Less common used methods:
- GET, HEAD, TRACE are the safe methods
- HTTP status codes:
- HTTP status line codes will have both numeric status code and a text reason phrase.
The general form of HTTP status code is “XYY”, where the first digit, “x” is specified as
- 1yy represents to continue while sending the data an still data need to send then it says continue
- 2yy represents it says ok successful
- 3yy suppose you are requesting a object to the server and that is not present in the server but it moves somewhere else and it response with redirection message
- 4yy and 5yy are the error part 4yy related to client error and 5yy related to server error.
- Headers: General Request/Response headers.
- Headers – Request:
- These headers are used in Request messages.
- Headers will allow client to provide information about itself to the server.
- These headers will also give details about nature of requests.
- Allow the client to have greater control over how its request is processed and how a response is returned by the server.
- Examples of header requests:
- Host -the on ly mandatory header
- Headers – Response:
- Response will appear only in the form of HTTP
- Provides additional data that expands upon the summary information that is present in the status line at the beginning of each server reply.
- Examples of header response
- Accept – ranges
- Etag(specifies Entity tag)
- Location (using 3XX/201 status codes)
- Proxy-authenticate (client uses proxy authorization)
- WWW-Authenticate (401)
- Features: There are some few features of HTTP
- Caching: The storing of recently-requested resources in a temporary area
- Reduced bandwidth use – by eliminating unneeded transfers of Requests and Responses.
- Faster response time for the user loading a resource
- This can be implemented in various places:
- Web-client caching
- Intermediary caching
- Web server caching
- Cookies is used to refer small piece of data.
- When a server implements a function that requires state to be maintained across a set of transcations, it sends a small amount of data to the web client called a “cookie”.
- It contains most important information related to the web application.
- To accelerate the process we use concept called pipelining.
- In no-pipelining client requests and server responses and the process will be done like this.
- But whereas pipelining there will be no time waste at a time all clients requests later server will response.
- Limitations of HTTP:
- Less secure
- Man in the middle attack
- Data can be tampered
- Less reliable.
HTTP is a connectionless protocol is very easy to use. The client-server model combined with ability to add headers. And HTTP allows with extensible capabilities of a web.
Although HTTP adds some complexity, we do message embedding in frames to improve performance, but the actual structure remains constant and we allow it to be investigated and perform debugging with HTTP message monitor.