HTTP Protocol Basic
Download as PPTX, PDF11 likes8,363 views
The HTTP protocol is an application-level protocol used for distributed, collaborative, hypermedia information systems. It operates as a request-response protocol between clients and servers, with clients making requests using methods like GET and POST and receiving responses with status codes. Requests and responses are composed of text-based headers and messages to communicate metadata and content. Caching and cookies can be used to improve performance and maintain state in this otherwise stateless protocol.
HTTP Protocol Basic
- 1. HTTP Protocol Instructor: Prof. Dr. Friedbert Kaspar Mai Nam Chuong VGU BIS 2012 – Computer Networks
- 2. Definitions HTTP Communication chain HTTP Transport binding HTTP Methods HTTP Messages HTTP Status Codes HTTP Caching Q&A Agenda 2
- 3. A set of rules and regulations that determine how data is transmitted. Communication Protocol? 3
- 4. 7 OSI layers HTTP, SMTP, FTP, DNS … 4
- 5. Application vs. Application layer Application layer provides services for user applications to use. Or, User applications use protocols that reside at the application layer. Ex: Internet Explorer – HTTP; Outlook – SMTP Application layer? 5
- 6. Hypertext Transfer Protocol an application-level protocol for distributed, collaborative, hypermedia information systems (RFC-2616) Not only text but graphics and multimedia A part of TCP/IP protocols suite HTTP protocol? 6
- 8. History 1990 – HTTP/0.9 1996 – HTTP/1.0 1999 – HTTP/1.1 Next HTTP/2.0 (draft) HTTP protocol? 8
- 9. The HTTP protocol is a request/response protocol A client sends a request to the server The server responds data HTTP Communication chain Request Response HTTP Client HTTP Server9
- 10. HTTP Request/Response Chain with Intermediaries HTTP Communication chain Request Response HTTP Client HTTP ServerIntermediary Request Response Proxy Gateway 10
- 11. Do not remember previous request/response chain HTTP stateless protocol Request 1 Response 1 HTTP Client HTTP Server Request 2 Response 2 How to maintain state? 11
- 12. Transitory connection One connection is created for each request/response Persistent connection The connection is kept open after each request/response set until the client is done requesting all the documents. HTTP Transport binding 12
- 13. GET (*) HEAD (*) POST (*) OPTIONS PUT DELETE TRACE CONNECT HTTP Methods 13
- 14. GET - Requests data from a specified resource POST - Submits data to be processed to a specified resource HTTP GET vs. POST 14
- 15. HTTP GET vs. POST 15
- 16. Communication between devices using the HTTP takes place via HTTP messages Two types: requests and responses. Text-based message format. HTTP Message 16
- 18. Accept: tell the server what Internet media types it is willing to accept in a response Accept: type/subtype; text/plain; image/jpg; */* Accept-Charset specifies what character sets the client is willing to accept in a response Accept-Charset: iso-8859-5, UTF-8 Accept-Encoding specifies what content encodings the client is willing to accept Accept-Encoding: compress, gzip Accept-Language indicate what languages the client supports Accept-Language: en-gb; vi-vn HTTP Request Headers 18
- 19. Host: Specifies the Internet host Host: www.vgu.edu.vn:8080 User-Agent Specifies what agent (application) is sending the request User-Agent: Mozilla/5.0 Cookie Cookie data which previously set by the server Cookie: user=1; category=pc; Referer the URL of the resource from which the URL of the current request was obtained Referer: http://google.com HTTP Request Headers (cont.) 19
- 21. Server Server info that serves the request Server: Apache/2.4.1 (Unix) Expires gives the date/time after which the response is considered Expires: Thu, 20 Jul 2013 16:00:00 GMT Refresh Used in redirection, or when a new resource has been created. Refresh: 5; url=http://www.vgu.edu.vn HTTP Response Headers 21
- 22. 1xx (Informational): Request received, server is continuing the process. 2xx (Success): The request was successfully received, understood, accepted and serviced. 3xx (Redirection): Further action must be taken in order to complete the request. 4xx (Client Error): The request contains bad syntax or cannot be understood. 5xx (Server Error): The server failed to fulfill an apparently valid request. HTTP Status codes 22
- 23. 200 OK: The request is fulfilled. 301 Move Permanently: The resource requested for has been permanently moved to a new location 304 Not Modified: Server notifies that the resource requested has not been modified. Common HTTP Status codes 23
- 24. 400 Bad Request: Server could not understand the request (syntax error). 401 Authentication Required: The requested resource is protected, and require client’s credential. 403 Forbidden: Server refuses to supply the resource, regardless of identity of client. 404 Not Found: The requested resource cannot be found in the server. Common HTTP Status codes 24
- 25. 500 Internal Server Error: Server is error in the server-side program responding to the request. 503 Service Unavailable: Server cannot response due to overloading or maintenance. The client can try again later. 504 Gateway Timeout: Proxy or Gateway indicates that it receives a timeout from an upstream server. Common HTTP Status codes 25
- 26. HTTP is a stateless protocol. Cookies provide a mechanism to "maintain state". HTTP Cookie 26
- 27. Cache: local copy of a resource HTTP Caching Request Response HTTP Client Intermediary Request Response HTTP Server 27
- 28. Expiration Model How long a resource is valid? Eliminate requests to server Reduce network round-trip Cache-Control: max-age=3600 Expires: Tue, 15 Aug 2013 07:19:00 GMT HTTP Caching 28
- 29. Validation Model When the resource last changed? Eliminate full response to client Reduce network bandwidth If-Modified-Since: Thu, 17 Aug 2006 17:53:51 GMT ETag: "686897696a7c876b7e" HTTP Caching 29
- 30. RFC-2616: http://www.w3.org/Protocols/rfc2616/rfc2616.html TCP GUIDE: http://www.tcpipguide.com/free/t_TCPIPHypertextTran sferProtocolHTTP.htm IBM Software Information Center - The HTTP protocol http://publib.boulder.ibm.com/infocenter/cicsts/v3r1/top ic/com.ibm.cics.ts31.doc/dfhtl/topics/dfhtl29.htm References 30
- 31. Q&A 31
Editor's Notes
- #6: http://www.tcpipguide.com/free/t_ApplicationLayerLayer7.htm
- #7: 1.0 http://www.ietf.org/rfc/rfc1945.txt1.1 http://www.w3.org/Protocols/rfc2616/rfc2616.html2.0 http://tools.ietf.org/html/draft-ietf-httpbis-http2-04The Hypertext Transfer Protocol (HTTP) is designed to enable communications between clients and servers.HTTP works as a request-response protocol between a client and server.A web browser may be the client, and an application on a computer that hosts a web site may be the server.Example: A client (browser) submits an HTTP request to the server; then the server returns a response to the client. The response contains status information about the request and may also the requested content.
- #8: A part of TCP/IP protocols suite
- #9: 0.9: The first version of HTTP, HTTP/0.9, was part of the early World Wide Web and was a very simple request/response protocol with limited capabilities that could transfer only text files.1.0 http://www.ietf.org/rfc/rfc1945.txtThe first widely-used version was HTTP/1.0, which is a more complete protocol that allows the transport of many types of files and resources.1.1 http://www.w3.org/Protocols/rfc2616/rfc2616.htmlMultiple host name. Multiple host on 1 IPPerformance, security2.0 http://tools.ietf.org/html/draft-ietf-httpbis-http2-04
- #10: HTTP is a client/server-oriented, request/reply protocol. Basic communication consists of an HTTP Request message sent by an HTTP client to an HTTP server, which returns an HTTP Response message back to the client.
- #11: Proxy:A proxy is a forwarding agent, receiving requests for a URI in its absolute form, rewriting all or part of the message, and forwarding the reformatted request toward the server.Gateway: receiving agent. A router that routes the data transmission.
- #13: Persistent connections are connections between a Web client and a server that can be reused for more than one exchange of a request and a response.In HTTP/1.0, the default action for the server was to close the connection when it had received a request from the Web client and sent a response. If the Web client wanted the server to keep the connection open, it had to send a Connection: Keep-Alive header on the request.For HTTP/1.1, persistent connections are the default. When a connection is made between a Web client and a server, the server should keep the connection open by default. The connection should only be closed if the Web client requests closure by sending a Connection: close header, or if the server's timeout setting is reached, or if the server encounters an error.Persistent connections improve network performance because a new connection does not have to be established for each request. Establishing a new connection consumes significant additional network resources compared to making a request using an existing connection.DEMO using telnetDraw HTML document on the WHITEBOARD
- #14: http://www.w3.org/Protocols/rfc2616/rfc2616-sec9.htmlTelnet demo Get and HeadGET:Retrieve a resource.HEAD Like GET, but returns just the HTTP header.POST create new resourceOPTIONS Get information about how the server allows to communicate with. OPTIONS * HTTP/1.1 Host: example.com HTTP/1.1 200 OK Date: … Allow: OPTIONS, GET, HEAD, POST, PUT, DELETE, TRACE Content-Length: 0PUT Send data to the server.DELETE Delete an existing resource.TRACE Return the request headers sent by the client.
- #15: Demo Web sniffer tool
- #18: In this example, the client issues a GET request to ask for a document named "/index.html"; and negotiates to use HTTP/1.0 protocol. A blank line is needed after the request header. This request message does not contain a body.The server receives the request message, interprets and maps the request-URI to a document under its document directory. If the requested document is available, the server returns the document with a response status code "200 OK". The response headers provide the necessary description of the document returned, such as the last-modified date (Last-Modified), the MIME type (Content-Type), and the length of the document (Content-Length). The response body contains the requested document. The browser will format and display the document according to its media type (e.g., Plain-text, HTML, JPEG, GIF, and etc.) and other information obtained from the response headers.
- #26: DEMO using chrome to access resources
- #27: Important especially in authenticationNo cookie -> no sessionDEMO login google, yahoo
- #28: The cache, which is local copies of resources, works because many resources change infrequently. When a browser can reuse a local copy, it saves the time to set up a connection as well as the time to download. The key to making the cache work effectively is HTTP caching headers, which are sent by the web server to specify how long a resource is valid and when it last changed.
- #29: The Expires header specifies a date after which a resource is invalid. max-age specifies how long a resource is after it is downloaded.DEMOhttp://stevesouders.com/hpws/expiresoff.phphttp://stevesouders.com/hpws/expireson.php
- #30: If-Modified-Since, If-Unmodified-Since, If-Match, If-None-Match