Talk about HTTP requests

Why do Web front-end to understand HTTP standards? Because the browser is going to fetch the Web page from the server, the Web page may also submit the information to the servers, all of which have HTTP connections. Since the web system is linked to an HTTP link, you have to understand it. I'll explain the HTTP standard in a few ways:

1. Procedures for HTTP requests
2. The meaning of the HTTP status code
3. HTTP header information
4. Cookie State Management
5. Method Get POST

Procedures for HTTP requests

1. Connection

When we enter a request, the first to establish a socket connection, because the socket is established through the IP and port, so there is a DNS resolution process, the domain name into the IP, if the URL does not contain a port number, the protocol will use the default port number.

The process of DNS is this: first we know that our local machine in the configuration of the network will be filled with DNS, so that the machine will send this URL to the configured DNS server, if you can find the appropriate URL to return its IP, otherwise the DNS will continue to send the resolution request to the superior DNS, The entire DNS can be considered a tree structure, and the request will be sent to the root until the result is obtained. Now you have the target IP and port number so that we can open the socket connection. (For specific reference: what happens when you load from the input URL to the page?) )

2. Request

After the connection succeeds, the Web browser starts sending requests to the Web server, which are typically get or post requests. The Post request form (form) parameter passes the GET command in the format: path/file name

3. Answer

The Web server starts processing after receiving this request. The server searches subdirectories for files from its document space empty. If the file is found, the file content is transferred to the Web browser. At the same time, in order to inform the browser, the Web server transmits some HTTP header information, the HTTP header information and the information body will be separated by a line of blank lines, commonly used HTTP header information:

• HTTP 1.0 OK this is the first line of the Web server answer, which lists the version number and the answer code of the HTTP that is running. Code 200 represents the completion of the request. (Refer to Common IIS log code for specific code)
• mime_version:1.0 it indicates the version of the MIME type
• Content_Type: Type This header information is very important, it indicates the MIME type of the HTTP body information. Such as: Content_type:text/html indicates that the transmitted data is an HTML document.
• Content_length: Length value It indicates the length of the HTTP body information (in bytes).

4. Close the connection

When the answer is complete, the Web browser and Web server must be disconnected to ensure that other Web browsers can connect to the Web server.

The meaning of the HTTP status code

1XX: Information, request received, continue processing
2XX: Success, Behavior is successfully accepted, understood and adopted
3xx: Redirect, in order to complete the request, the action must be further performed
4XX: Client error, request contains syntax error or request cannot be implemented
5XX: Server error, server cannot implement an apparently invalid request

- Series Code

The HTTP status code from 100 to 199 is the information report code. For a variety of reasons, we rarely see these codes in most cases. First, if a browser tries to access a Web site, and the site returns the code, they tend not to appear on the screen. They are just browsers that make reference to the internal code. Another reason why these codes are not common is that the initial HTTP standard does not allow the use of this range of status codes. For their part, they have not been widely used.

$ Series Code

The status code from 200 to 299 is the operation success code. Similarly, in normal web surfing, you probably never see the code on the screen. Instead, the code is used inside the browser to confirm the success of the operation and the status of the current request. Although these codes are usually not displayed, some troubleshooting tools can read them, as with most HTTP status codes, which are useful in the error diagnosis process.

- Series Code

A status code ranging from 300 to 399 is a redirect code. Essentially, they tell the Web browser that some other action must be taken to complete the request. Based on the characteristics of this command, it can be executed automatically, or require additional user input. For example, a status code of 301 indicates that a particular resource has been permanently removed, so all access to that resource request should be directed to a specific URL in the future.

- Series Code

The status code in the 400 range is the client error code. This type of error code is often associated with security. For example, if a client tries to access a resource that is not authorized to access it, the server returns a status code of 401. Similarly, if a client attempts to access a prohibited resource, in which case the client's authentication status is the same, the server may return a status code of 403, which means that the resource is forbidden to access.

A level 400 error code may also be returned if the request is incorrect or the client times out. However, there is a level 400 code that is always misleading: 404. Although this code is technically classified as a client-side error, it can actually represent errors on the client or server at the same time. However, this error code simply shows that the requested resource was not found. When this error occurs on the client, it often indicates a network connectivity problem. At other times, this error can also occur because the resource has been transferred or renamed from the server.

- Series Code

A level 500 status code indicates a server error. For example, if the Web server times out, it generates a 504 error. Although, a 500-level error often represents a problem for a Web application that is not a server problem, but is running on the server. For example, my own personal website is written in ASP, which is responsible for dynamically generating HTML pages. During debugging, the bug code always causes my web server to return an HTTP status code of 500, which is a general indication of an internal server error. This code only has a problem, and HTTP cannot resolve the problem.

Please refer to the common IIS log code for the specific code

HTTP header information

We open a website like www.shell.com

You can see the contents of the request header

These include: Accept, Accept-charset, accept-encoding, Accept-language, Authorization, If-match, If-none-match, If-modified-since, If-unmodified-since, If-range, Range, Proxy-authenticate, Proxy-authorization, Host, Referer, User-agent

1 , Accept

Tell the Web server what type of media you accept, */* represents any type, type/* represents all subtypes under that type, Type/sub-type.

2 , Accept-charset

The browser tells the server what character sets it can receive.

3 , Accept-encoding

The browser affirms its own received encoding method, usually specifying the compression method, whether compression is supported, and what compression method (Gzip,deflate) is supported.

4 , Accept-language

The browser affirms the language it receives. The difference between language and character set: Chinese is language, Chinese has many character sets, such as BIG5,GB2312,GBK and so on.

5 , Authorization

When the client receives a www-authenticate response from the Web server, it uses that header to respond to its own authentication information to the Web server.

6 , If-match

If the ETag of an object does not change, it also means that the object has not changed before executing the requested action to obtain the document.

7 , If-none-match

If the ETag of an object changes, it also means that the object has changed to perform the requested action and obtain the document.

8 , If-modified-since

If the requested object is modified after the specified time in the header, the requested action (such as returning the object) is executed, otherwise the code 304 is returned, telling the browser that the object has not been modified. Example: If-modified-since:thu, APR 09:14:42 GMT

9 , If-unmodified-since

If the requested object has not been modified since the time specified in the header, the requested action (such as returning an object) is performed.

Ten , If-range

The browser tells the WEB server that if the object I requested doesn't change, give me the missing part, and if the object changes, give me the whole object. The browser can tell the WEB server whether the object has changed by sending the etag of the requested object or the last modification time it knows. Always used with the Range header.

A , Range

browsers, such as Flashget multi-threaded downloads, tell the WEB server what part of the object you want to take. Example: range:bytes=1173546

- , Proxy-authenticate

The proxy server responds to the browser and requires it to provide proxy authentication information.

- , Proxy-authorization

The browser responds to the proxy server's authentication request and provides its own identity information.

the , Host

The client specifies the domain/IP address and port number of the Web server that you want to access. such as Host:rss.sina.com.cn

- , Referer

The browser indicates to the Web server which page URL it was from to click on the URL/url in the current request, for example: referer:http://www.ecdoer.com/

- , User-agent

The browser indicates its identity (which browser). Example: mozilla/5.0 (Windows NT 6.1) applewebkit/537.36 (khtml, like Gecko) chrome/36.0.1985.143safari/537.36

Cookie State Management

Definition: The client (browser) makes a request to the server, and the server sends a small string of strings back to the client in the form of a Set-cookie message header, where the browser stores this small piece of information and, under certain conditions, when the client makes a request to the server again. The browser automatically sends this small piece of text information to the server side. Some conditions refer to whether the detection time has expired and whether the detection path conforms to the rule.

1. What is a cookie?

When the browser accesses the server, the server sends some data to the browser in the form of a Set-cookie message header. The browser will save the data. When the browser accesses the server again, the data is sent to the server in the form of a cookie message header. In this way, you can manage the user's state.

2. How to create a cookie

Server-side creation, of course, Response.setcookie

3. Obtaining cookies

Of course the browser gets it, Request.getcookie

4. Save time for Cookies

You can set the expiration time of the cookie, and if you do not set the cookie expiration time, the cookie expires when the browser is in session, and if the browser is closed, the cookie will expire.

5. How to clear cookies

It's good to set the expiration time of the current cookie to expire.

Method Get POST

In the request-response between the client and the server, the two most commonly used methods are: GET and POST.

GET -requests data from the specified resource.

POST -submits the data to be processed to the specified resource

Some additional comments about the GET request:

Get requests can be cached

Get requests remain in browser history

Get requests can be bookmark-Favorites

Get requests should not be used when handling sensitive data

Get request has a length limit

Get requests should only be used to retrieve data

POST method

Note that the query string (name/value pair) is sent in the HTTP message body of the POST request:

Post/test/demo_form.asp http/1.1

Host:w3schools.com

Name1=value1&name2=value2

Some additional comments about the POST request:

POST requests are not cached

POST requests are not persisted in browser history

POST cannot be bookmarked

POST request has no requirement for data length

The following table compares the two HTTP methods: GET and POST.

	GET	POST
Back button/Refresh	Harmless	The data is resubmitted (the browser should tell the user that the data will be resubmitted).
Bookmark	Bookmark can be bookmarked	Bookmark not available for collection
Cache	can be cached	Cannot be cached
Encoding type	application/x-www-form-urlencoded	Application/x-www-form-urlencoded or Multipart/form-data. Use multiple encodings for binary data.
History	The parameters remain in the browser history.	Parameters are not saved in the browser history.
Limits on the length of data	Yes. When data is sent, the GET method adds data to the URL, and the length of the URL is limited (the maximum length of the URL is 2048 characters).	Unlimited.
Restrictions on data types	Only ASCII characters are allowed.	There is no limit. Binary data is also allowed.
Security	GET is less secure than POST because the data being sent is part of the URL. Never use GET when sending passwords or other sensitive information!	POST is more secure than GET because parameters are not saved in the browser history or Web server logs.
Visibility of	The data is visible to everyone in the URL.	The data is not displayed in the URL.

Talk about HTTP requests