HTTP protocol details

Both web O & M and web development personnel need to understand the HTTP protocol. You can solve the problem only when you are familiar with the HTTP protocol. Therefore, it is necessary to master the HTTP protocol.

1. http protocol

> Definition

Hypertext Transfer Protocol (Hypertext Transfer Protocol) is a data transfer protocol that specifies the rules for communication between browsers and web servers over the Internet.

The HTTP protocol is the same as many other protocols in the TCP/IP protocol family and is used for communication between the client and the server. One end of a request to access a text or image resource is called a client, and the other end of the provided resource is called a server.

> HTTP Version

HTTP/0.9	Released in 1990	No formal standards have been set up
HTTP/1.0	Released in May 1996	Rfc1945 Standard
HTTP/1.1	Released in January 1997	Rfc2068 Standard --> rfc2116 Standard

The next generation of HTTP/2.0 is being developed, but it may take some time to reach a high usage coverage.

2. Specific HTTP implementation

> An agreement is reached through the exchange of requests and responses.

The HTTP Protocol stipulates that a request is sent from the client, and the server finally responds to the request and returns it. First, establish communication from the client, and the server will not send the corresponding message before receiving the request.

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M02/41/61/wKiom1PUqjfx4qPRAAF4thXU_2w670.jpg "Title =" c-s.png "alt =" wkiom1puqjfx4qpraaf4thxu_2w670.jpg "/>

> HTTP protocol features

HTTP is a stateless protocol. The HTTP protocol itself does not save the communication status between requests and responses. That is to say, at the HTTP level, the Protocol does not persistently process the sent requests or responses.

With HTTP, a new response is generated whenever a new request is sent. The protocol itself does not retain the information of all previous request and response packets. This is to process a large number of transactions faster and ensure protocol scalability, and specifically design the HTTP protocol to be so simple.

However, with the continuous development of the Web, the stateless processing results in a lot of difficult situations. For example, if a user logs on to a shopping website, the user must be able to log on to the website even after he jumps to other pages of the website. For this instance, the website needs to save the user status in order to know who sent the request.

Although HTTP is stateless, Cookie technology is introduced to implement the desired save status function. With cookies, you can use HTTP to communicate with each other and then manage the status.

> Request URI to locate the resource

HTTP uses URI to locate resources on the Internet. It is precisely because of the specific functions of URI that resources anywhere on the Internet can be accessed.

When a client requests to access resources and sends a request, the URI must be included as the request URI of the request message.

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M02/41/62/wKioL1PUtL3x0I0jAACvsm-pxfI325.jpg "Title =" uri.png "alt =" wKioL1PUtL3x0I0jAACvsm-pxfI325.jpg "/>

> HTTP Request Method

1. GET request: Get Resource

The get method is used to request access to resources identified by Uris. The response content is returned after the specified resource is parsed by the server. If the requested resource is text, it should be put back as it is; if it is a program like CGI (Common Gateway Interface), the output result after execution will be returned.

2. POST request: transfer object subject

The post method is used to transmit the entity.

Although the get method can also be used to transmit the entity body. However, the POST method is generally used instead of the get Method for transmission. Although the post function is similar to get, the main purpose of post is not to obtain the body content of the response.

3. Put request: Transfer File

The put method is used to transfer files. Just like uploading an FTP file, you must include the file content in the body of the request message and save it to the specified position in the request URI.

However, since the PUT Method of HTTP/1.1 does not have a verification mechanism, anyone can upload files, which has security issues. Therefore, this method is not used by General websites. If you use the verification mechanism of Web applications or the architecture design adopts the rest standard for the same type of Web websites, the put method may be developed and used.

The put method returns the status code 204 NO content.

4. Head request: Get the packet header

The head method is the same as the get method, but does not return the message body. Used to confirm the validity of the URI and the date and time of resource update.

5. Delete request: delete an object

The delete method is used to delete objects, which is the opposite of the put method. The delete method deletes a specified resource according to the request URI.

However, the delete method of HTTP/1.1 does not have a verification mechanism like the put method, so the general web site does not use the delete method. It may still be available when it is used in combination with the Web application verification mechanism or when the rest standard is followed.

Delete request, response code 204 NO content.

6. Options request: ask for supported Methods

The options method is used to query the supported methods for resources specified by the request URI.

7. Trance request: Tracing path

The trace method is used to allow the Web server to send the previous request to the client.

When sending a request, enter a value in the max-forwards header field. If the number does not pass through a server, the value is reduced by 1. When the number is reduced to 0, the transmission stops, the server segment that finally receives the request returns the response with the status code 200 OK.

The client can use the TRACE method to query how a request is processed, modified, or tampered. This is because requests that want to connect to the source target server may be transferred through a proxy. The trace method is used to confirm some column operations that occur during the connection. However, the trace method is not commonly used. In addition, it is easy to cause XST (Cross-Site Tracing) attacks, so it is usually unavailable.

8. CONNECT Request: connect the proxy using the tunnel protocol

The connect method requires that a tunnel be established for TCP communication with the proxy server. SSL (Secure Sockets Layer) and Transport Layer Security (Transport Layer Security) protocols are used to encrypt the communication content and transmit it through the network tunnel.

> HTTP persistent connection

In the initial version of the HTTP protocol, each HTTP Communication is interrupted.

In the current communication situation, because it is a small amount of text transmission, even this is not a big problem. With the popularity of HTTP, there are more cases where a document contains a large number of images. For example, when you use a browser to browse an HTML page containing multiple images, when you send a request to access thml page resources, you will also request other resources contained in the HTML page. As a result, every request will cause unnecessary TCP connection establishment and disconnection, increasing the communication overhead.

To solve the TCP connection problem, HTTP/1.1 and some HTTP/1.0 come up with a persistent connection (HTTP persistent connections) method. Persistent connection is characterized by TCP connection as long as any end is not explicitly disconnected.

The advantage of TCP connection is that it reduces the additional overhead caused by repeated establishment and disconnection of TCP connections and reduces the load on the server. In addition, to reduce the overhead of some time, so that the HTTP request and response can end earlier, so that the web page display speed will increase accordingly.

In HTTP/1.1, all connections support persistent connections by default, but are not standardized in HTTP/1.0. Although some servers achieve persistent connections through non-standard means. However, the server segment may not support persistent connections. Without a doubt, the client must support persistent connections in addition to the server.

> Pipelines

Persistent connections make it possible for most requests to be sent in pipelining mode. Before sending a request, you must wait and receive a response to send the next request. After the emergence of pipeline technology, you can directly send the next request without waiting.

In this way, you can send multiple requests concurrently without waiting for a response. For example, when a request for an HTML Web page containing 10 images is connected to one another, using persistence can make the request end faster. Pipeline Technology is faster than persistent connections. The more requests, the more obvious the time difference.

3. Http status code

The HTTP status code is used to indicate the returned results of the client's HTTP request. Mark whether the processing on the server is normal, and the error in the notification.

	Category	Description
1xx	Information Status Code	The received request is being processed.
2XX	Success status code	Request processed
3xx	Redirect status code	Additional operations are required to complete the request
4xx	Client error status code	The server cannot process the request.
5xx	Server Error status code	Server Processing request Error

> 2XX succeeded.

1. 200ok

The request sent from the client is processed on the server.

2. 204 NO content

This status code indicates that the request received by the server has been processed successfully, but the returned response message does not contain the entity's body. In addition, no entity is allowed to be returned. For example, if a 204 response is returned after the browser sends a request, the page displayed by the browser is not updated.

3.206 partinal content

This status code indicates that the client has performed a range request, and the server has successfully executed the GET request. The response message contains the object content within the specified range of content-range.

> 3xx redirection

1. 301 moved permanently

Permanent redirection. This status code indicates that the requested resource has been allocated to a new URI. In the future, you should use the URI currently referred to by the resource. That is to say, if you have saved the URI corresponding to the resource as a tag, you should re-store the URI indicated by the location header field.

2. 302 found

Temporary redirection. This status code indicates that the requested resource has been split into a new Uri, And you are expected to use the new URI for access this time.

Similar to status code 301, A status code 302 indicates that the resource is not permanently moved, but temporary. In other words

The uri of the moved resource may change in the future.

3.303 see other

This status code indicates that the requested resource has another URI. You should use the get method to redirect the requested resource.

This status code is generally used in the first request post. After post processing is complete, a GET request is sent to a new Uri.

4.304 not modified

This status code indicates that when the client sends a conditional request, the server allows the request to access the resource, but the condition is met. 304 when the status code is returned, it does not contain any body part of the response.

5.307 temporary redirect

Temporary redirection. 307 will comply with browser standards and will not change from post to get. However, for responses, different browsers may occur.

> 4xx client Error

1.400 bad request

This status code indicates a syntax error in the request message. When an error occurs, modify the request content and send the request again.

2.401 unauthorized

Does this status indicate that the sent request must pass the HTTP authentication (Basic Authentication, digest authentication) authentication information.

3.403 forbidden

This status code table indicates that access to the requested resource is rejected by the server.

4.404 not found

This Code indicates that the server cannot find the requested resource.

> 5xx Server Error

1.500 Internal Server Error

This status code table indicates that an error occurs when the server executes the request.

2.503 service unavailable

This status code table indicates that the server is temporarily overloaded or is under maintenance and cannot process the request.

The above are 14 common HTTP return codes.

In fact, the HTTP protocol has a lot to do. If you are interested in the HTTP protocol, refer to rfc2116.

This article is from the "David" blog, please be sure to keep this source http://davidbj.blog.51cto.com/4159484/1530938