Full understanding of HTTP and http

Full understanding of HTTP and http
 

Introduction: as a software engineering Web professional, it is essential to be familiar with HTTP. We hereby record it and create our own HTTP stack.

URL and URI

What we often see is the URL, which is a string address for accessing the web. What is the URI? What are their relationships?
URL: uniform resource location unified resource Locator
URI: uniform resource identifier
This means that the URI is a resource identifier, and the URL is also a URI and a resource identifier, but it also specifies how to Locate the Locate to this resource.
URI is an abstract resource identifier,It can be either absolute or relative.. However, a URL is a URI that specifies the location information and must be absolute.

Message-Communication Bridge

The client and server send messages to each other.PacketsTo communicate with each other, you must understand the format and content of the message to deeply understand the HTTP protocol.

Composition of packets

Both the request message and response message must have a packet header. Of course, the packet body is not required.
Generally, the request message format is as follows:

Take a look at the request message of the Baidu Website:

Simple message format:

GET/HTTP/1.1 // request line, including the request method, request URI, HTTP Version // The following are various header fields Host: www. baidu. comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5. 0... accept-Encoding: gzip, deflate, sdchAccept-Language: zh-CN, zh; q = 0.8

The Response Message format is as follows:

Take a look at the Response Message of Baidu Website:

HTTP/1.1 200 OK // status line, containing the status code indicating the response result. The reason phrase and HTTP Version // The following are the various header fields Server: bfe/1.0.8.5Date: Tue, 06 Oct 2015 14:48:28 GMTContent-Type: text/html; charset = utf-8Transfer-Encoding: chunkedConnection: keep-aliveCache-Control: private

HTTP Method for notifying server intent

There are many methods for sending HTTP. The most common methods are GET and POST. The two methods are described in detail below.

Stateless protocols and cookies

HTTP is a stateless protocol, that is, each sending is a new start. The server does not know or need to know whether the client currently connected has an intersection, therefore, when you need to save the user login status, there is a problem. In this case, use cookies to save the status.
The Cookie is calledSet-CookieTo notify the client to save the Cookie (saved on its own computer). When the client sends a request the next time,The Cookie value is added to the request message and sent out.

Persistent connection

When you use a browser to browse an HTML page containing multiple images, the browser initiates multiple requests ,:

Obviously, each request will causeUnnecessary TCP connection establishment and disconnection increase the overhead of traffic.

Introduce persistent connections

Persistent connection is characterized by maintaining the TCP connection status as long as any end does not explicitly propose to disconnect the connection. Currently, persistent connections are used by default in HTTP/1.1.

Connection:keep-alive

Pipelines

Pipeline can send multiple requests concurrently without waiting for a response.

Common status codes ensure secure HTTPS

HTTP + encryption + Authentication + Integrity Protection = HTTPS
Some login interfaces and shopping settlement interfaces Use HTTPS communication, that is, usehttps://In HTTPS, the communication interface is replaced by the SSL and TLS protocols.

Identity Authentication

Some websites or services require the user's identity information, so you need to know the message at any time. However, you cannot enter the user's password every time. Therefore, there are several authentication methods:

Here we will mainly talk about FormBase authentication, that isForm Authentication.

Use cookies to manage sessions

During transmission, a secure password storage method is to add additional information by adding salt to the password, and then use the hash function to calculate the hash value and save it.

Book recommendation: graphic HTTP, easy to understand more comprehensive HTTP knowledge.