"Safe Cow Learning Note" HTTP protocol

Source: Internet
Author: User
Tags response code rfc

HTTP Protocol Basics

1. HTTP Overview
As we all know, the basic Internet protocol is TCP/IP. Widely used protocols such as FTP, Archie and Gopher are application-layer protocols built on top of TCP/IP, and different protocols correspond to different applications.
HTTP (HyperText Transfer Protocol) is an object-oriented protocol belonging to the application layer. Because it is simple and fast, it is suitable for distributed hypermedia information systems. Its development was the result of collaboration between the World Wide Web Consortium and the Internet Engineering Task Force (IETF), which eventually released a series of RFCs. RFC 1945 defines HTTP/1.0. The most notable of these is RFC 2616, which defines HTTP/1.1, the version commonly used today.

1.1 HTTP protocol Features
Supports the client/server model.
Simple and fast: when a client requests a service from the server, it only needs to transmit the request method and path. Commonly used request methods include POST. Each method specifies a different type of contact between the client and the server. Because the HTTP protocol is simple, HTTP server programs are small, so communication is fast.
Flexible: HTTP allows the transfer of any type of data object. The type being transmitted is marked by Content-Type.
Connectionless: connectionless means that each connection handles only one request. When the server has finished processing the client's request and has received the client's acknowledgement, the connection is closed. This saves transmission time.
Stateless: HTTP is a stateless protocol. Stateless means that the protocol has no memory of earlier transactions. If earlier information is needed for later processing, it must be retransmitted, which may increase the amount of data transferred per connection. On the other hand, the server responds faster when it does not need the earlier information.
1.2 How the HTTP protocol works

The HTTP protocol is based on the request/response paradigm. After a client establishes a connection to the server, it sends a request to the server consisting of a Uniform Resource Identifier and the protocol version number, followed by MIME information including request modifiers, client information, and possible content. After the server receives the request, it replies with a status line that includes the protocol version number of the message and a success or error code, followed by MIME information including server information, entity information, and possible content. (The examples below were captured with Wireshark.)

2. HTTP request format (Request)
When the browser makes a request to the Web server, it passes the server a block of data, which is the request information. HTTP request information consists of three parts:

Request method, resource identifier, and protocol version
Request header (Request header)
Request body (parameters)

The following uses a request to Baidu as the example.

The first line of the request message sent from the client to the server includes the method to be applied to the resource, the identifier of the resource, and the protocol version in use: GET / HTTP/1.1

If the Request-URI is an absoluteURI, the host is part of the Request-URI. Any Host header field value in the request is ignored.
If the Request-URI is not an absoluteURI and the request includes a Host header field, the host is determined by the value of the Host header field.

Request header (Request header)
In the example, Host, User-Agent, Accept and Accept-Language are header fields.
Request body (parameters)
This is the third part. The blank line (\r\n) is required even if there is no request body. If you use POST, you can see it.
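The three-part request layout and the two host rules above can be checked with a small parser. This is an added example, not code from the original note; the sample requests are constructed, and other.example and the function names are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Constructed sample requests (not captured traffic); other.example is a placeholder.
ORIGIN_FORM = (b"GET / HTTP/1.1\r\n"
               b"Host: www.baidu.com\r\n"
               b"User-Agent: Mozilla/5.0\r\n"
               b"Accept: text/html\r\n"
               b"\r\n")
ABSOLUTE_FORM = (b"POST http://www.baidu.com/s HTTP/1.1\r\n"
                 b"Host: other.example\r\n"
                 b"Content-Length: 5\r\n"
                 b"\r\n"
                 b"wd=ab")


def parse_request(raw: bytes) -> dict:
    """Split a raw request into request line, header fields and body."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("missing blank line (CRLF) after the headers")
    lines = head.decode("iso-8859-1").split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3:
        raise ValueError("request line must be: method, Request-URI, version")
    method, uri, version = parts
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        if not colon or not name or name != name.strip():
            raise ValueError(f"malformed header line: {line!r}")
        key = name.lower()  # header field names are case-insensitive
        if key == "host" and key in headers:
            raise ValueError("duplicate Host header")  # ambiguous target host
        headers[key] = value.strip()
    return {"method": method, "uri": uri, "version": version,
            "headers": headers, "body": body}


def effective_host(req: dict) -> str:
    """An absolute Request-URI names the host; otherwise the Host header does."""
    target = urlsplit(req["uri"])
    if target.scheme and target.netloc:  # Request-URI is an absoluteURI
        return target.netloc.lower()     # any Host header value is ignored
    if "host" in req["headers"]:
        return req["headers"]["host"].lower()
    raise ValueError("no absolute Request-URI and no Host header")
```

A front-end proxy and a back-end server that resolve the host differently for the second sample would route or authorize the same request against different sites, which is why both rules are applied in one place here.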
3. HTTP response Format (Response)

When the Web server responds to a request from the client, the HTTP response information consists of three parts:

Protocol version/Response code
Response header (Response header)
Response body

Next is the captured response from Baidu to the previous request.

Protocol version/Response code: HTTP/1.1
Response header (Response header): Date, Server, Content-Length, Connection, etc.
Response body: what follows the \r\n CRLF (carriage return, line feed) is the HTML page; of course, it may take other forms.

4. Request header (Request header)

This is just a brief list of what each header does, without detailed explanation; later articles will look into them further.
Host: www.baidu.com. The host name and port (default 80).
User-Agent: user agent information, used for statistics, tracing protocol violations and automatic identification of user agents. Format: User-Agent: <product>[/<version>]. Example: Mozilla/5.0 Firefox/3.6.12 FirePHP/0.5
Accept: specifies the media types that are acceptable for the response.
Accept-Language: the set of natural languages preferred for the response to the request.
Accept-Encoding: restricts the content-encodings that are acceptable in the response.
Accept-Charset: indicates the character sets that are acceptable for the response.
Keep-Alive: makes the client-to-server connection persistent and avoids establishing or re-establishing a connection when a subsequent request to the server occurs.
Connection: allows the sender to specify the desired connection options, close/keep-alive.
Cookie: this will be explained in detail later.
Referer: optionally sent by the client to tell the server the previous link the user came from. It is used for statistics, and it can be used to prevent CSRF (cross-site request forgery) as well as hotlinking, but it is not a cure-all.
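Why a Referer check "is not a cure-all" depends largely on how the header is compared. The following added example (not from the original note) puts a substring check beside an exact scheme-and-host comparison; shop.example, lookalike.test and the function names are placeholders assumed for illustration, and the Referer values are constructed.

```python
from urllib.parse import urlsplit

# Assumption: the site's own origins (placeholder hosts, not from the page).
TRUSTED_ORIGINS = {("https", "shop.example"), ("https", "www.shop.example")}


def naive_referer_ok(referer):
    """Weak check: substring match anywhere in the raw header value."""
    return "shop.example" in (referer or "")


def strict_referer_ok(referer, allow_missing=False):
    """Compare the parsed scheme and host against an exact allow-list."""
    if not referer:
        # The header is optional and may be stripped by browsers or proxies,
        # so a missing Referer is a policy decision, not evidence either way.
        return allow_missing
    parts = urlsplit(referer)
    try:
        port = parts.port  # raises ValueError on a malformed port
    except ValueError:
        return False
    if port not in (None, 443):
        return False
    # urlsplit lower-cases the scheme; .hostname is lower-cased as well.
    return (parts.scheme, parts.hostname or "") in TRUSTED_ORIGINS


# Constructed Referer values (not from real traffic).
SAMPLES = [
    "https://shop.example/cart",                # same site
    "https://shop.example.lookalike.test/p",    # trusted name used as a prefix
    "https://lookalike.test/?next=shop.example",  # trusted name in the query
    "http://shop.example/cart",                 # right host, wrong scheme
    None,                                       # header absent
]


def compare(samples=SAMPLES):
    """Return (value, naive result, strict result) for each sample."""
    return [(s, naive_referer_ok(s), strict_referer_ok(s)) for s in samples]
```

Even the strict comparison only works when the header is present, which is why Referer validation is normally paired with a per-session CSRF token rather than used alone.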
5. Response header (Response header)
Date: Fri, 03:21:46 GMT. Indicates the date and time at which the message was generated, in RFC 1123 [8] format.
Server: server-side information. BWS/1.0 is developed or modified by Baidu.
Content-Length: specifies the length of the response body.
Content-Type: specifies the MIME type and encoding of the response body, controlled by the server, for example text/html, text/xml, text/html;charset=gb2312
Cache-Control: controls HTTP caching (only Pragma: no-cache is implemented in HTTP/1.0).
public: indicates that the response can be cached by any cache.
private: indicates that all or part of the response message is for a single user and cannot be stored by a shared cache. This allows the server to describe only part of a response as being for one user; that response message is not valid for another user's request.
no-cache: indicates that the request or response message cannot be cached (in HTTP/1.0, Pragma: no-cache is used instead).
Expires: gives the date and time after which the response is considered to have expired.
Content-Encoding: the encoding method of the document. The content type specified by the Content-Type header can be obtained only after decoding. Using gzip to compress documents can significantly reduce the download time of HTML documents.
Connection: connection options, close/keep-alive.

6. Status Code Introduction
Status codes are divided into 5 major classes:

1XX Informational class: indicates that the Web browser's request has been received and is being processed further.
2XX Success class: indicates that the user's request was received correctly, understood and processed, for example: 200 OK
3XX Redirect class: indicates that the request did not succeed and the client must take further action.
4XX Client error class: indicates that the request submitted by the client contains an error, for example: 404 Not Found, which means that the document referenced in the request does not exist.
5XX Server error class: indicates that the server cannot complete the processing of the request, for example: 500

The following is a detailed list of the 5 classes of status codes.

Informational class
100 Continue
101 Switching Protocols

Success class
200 OK
201 Created
202 Accepted
203 Non-Authoritative Information
204 No Content
205 Reset Content
206 Partial Content

Redirect class
300 Multiple Choices
301 Moved Permanently
302 Moved Temporarily
303 See Other
304 Not Modified
305 Use Proxy

Client error class
400 Bad Request
401 Unauthorized
402 Payment Required
403 Forbidden
404 Not Found
405 Method Not Allowed
406 Not Acceptable
407 Proxy Authentication Required
408 Request Timeout
409 Conflict
410 Gone
411 Length Required
413 Request Entity Too Large
415 Unsupported Media Type

Server error class
500 Internal Server Error
501 Not Implemented
502 Bad Gateway
504 Gateway Timeout
505 HTTP Version Not Supported

7. HTTP request method

HTTP/1.1 has a total of 8 common methods:

OPTIONS
HEAD: asks the server for a response identical to that of a GET request, except that the response body is not returned. This method retrieves the meta-information contained in the response headers without having to transmit the entire response content.
GET: makes a request for a specific resource.
POST: submits data to the specified resource for processing (such as submitting a form or uploading a file). The data is included in the request body. A POST request may result in the creation of new resources and/or modification of existing resources.
PUT: uploads the latest content to the specified resource location. For security reasons, most servers do not support this method.
DELETE: asks the server to delete the resource identified by the Request-URI. For security reasons, most servers do not support this method.
TRACE: echoes the request received by the server, primarily for testing or diagnostics. For security reasons, most servers do not support this method.
CONNECT: echoes the requests received by the server, primarily for testing or diagnostics. For security reasons, most servers do not support this method.

These are student notes from the Safe Cow class. If you want to see this course or practical information security material, you can go to the Safe Cow class.


This article is from the "11662938" blog, please be sure to keep this source http://11672938.blog.51cto.com/11662938/1974434
