Fundamentals of Web Application Technology

Introduction to http:

The HTTP (Hypertext Transfer protocal) Hypertext Transfer Protocol is a standard for client and server-side requests and responses, a common, state-of-the-line protocol, and a generic communication protocol for user agents and proxy \ Gateways to other network systems. The default port is 80.

About https:

HTTPS (Hypetext Transfer protocal Secure) Hypertext Transfer Security protocol is a combination of Hypertext Transfer Protocol and SSL/TL to provide encrypted communication and authentication to network servers. Often used for sensitive information transmission. The default port is 443.

The URI(Uniform Resource Identifier) Uniform Resource Identifier, which is a string that identifies an Internet resource name, allows the user to interact with a resource in the Internet through a specific protocol, including the definition of syntax and related protocols.

URL (Uniform\universal Resource Locator) A Uniform Resource Locator, also known as a web address, is a standard resource address on the Internet, like a house of numbers on a network.

Format:

Protocol://Host Name [: Port number]/path/[? query]

URN (Unifrom Resource name) a Uniform Resource name, which is a uri.url that specifies a resource by name based on a namespace represents a person's domicile address, and the urn represents the identity of something, and the URL provides a way to find it.

Url,urn are a subset of URIs.

HTTP message:

There is a request from the client to the server and a response from the server to the customer.

http-message = Request | answer; http/1.1 message

A request message that explicitly describes HTTP in HTTP1.1 cannot start with CRLF or end with CRLF

HTTP method:

OPTIONS:

This method describes the request that the URI determines the communication option information in the request/reply process, and returns the HTTP request method that the server supports for a particular resource. This method allows the client to determine options related to a resource or server capability, without having to take any action on the resource or initiate a fetch request to the resource. The response message for the opttions is not cacheable.

GET

This method means getting any information that is identified by the requested URI. If the request message includes a If-modified-since,if-unmodified-since,if-match,if-none-match or if-range header, the method becomes conditional "get", conditional ' get ' Only the eligible entities are transferred, and if the GET request contains a range header, the GET request becomes "partial get", and only the part described by range is obtained. The response message for a get can be cached.

HEAD

The HTTP header in the response to the head request contains the same meta-message as the header of the response message sent by the GET request, which can be used for late entity meta-messages without the need to transfer the entity itself. Often used to test the validity, usability, and recent modification of hypertext transmissions.

POST

Submits data to the specified resource for processing requests, and the data is included in the request body. The response of the Post method is not cacheable unless the response includes the appropriate Cache-control or expires header. However, the 303 (see) response can direct the user agent to obtain a cacheable resource

PUT

The entity in the request of the put method should be stored under the target specified by Request-uri.

DELETE

This method requests the server to delete the resource identified by the Request-uri. The response message for the delete is not cacheable.

TRACE

This method is used to cause the remote server to echo the application layer on the request message, that is, to echo the request received by the server

CONNECT

The Connect method is reserved in the HTTP1.1 protocol. This method can dynamically switch the proxy of the tunnel.

HTTP status code:

The HTTP status code consists of a three-digit status code that identifies the processing of HTTP request messages, divided into 5 categories, starting with 1,2,3,4,5;

1XX message:

Represents a temporary response that contains only the status line and an optional header, ending with a blank line. For this type of status code, no header is required. Because http1.1 does not define a 1XX status code, the server must disable sending a 1XX message to the HTTP1.1 client

The 1XX series currently has 2 species, namely continue and 101 (switching protocols)

2XX success:

This type of status code indicates that the client's request was successfully accepted, processed, and understood.

2XX has 7 status codes: 200-206. The most commonly used is the 200 status code, which indicates that the request was successful.

3xx redirection:

This type of status code indicates that a user agent is required to take further action to complete the request.

3XX has 8 kinds of code: 300-307, more commonly have User redirect 301 (Moved permanently) and 302 (found)

4XX Client Error:

Indicates a client error, except that the server should include information explaining the error in addition to the response head request. This type of status code applies to any request.

4xx a total of 18 status code 400-417, the most commonly used is the three (bad Request)

5XX Server Error:

Indicates that the server has an error or cannot process the request.

5XX includes 6 kinds of error 500-505, the most commonly used is 505, because HTTP to the protocol format requirements are particularly strict, if the format check does not pass the error can be 505.

HTTP Cookie

A cookie is usually a small piece of data that a Web site sends and is stored by the user's browser when a user browses to a site. When a user browses the same website again, the data stored in the cookie is automatically sent to the site by 6,000, and the site is aware of the user's previous activity based on the cookie. is the design of a reliable mechanism for remembering the activities that the user has done or the status of the user re-site.

Cookies are always saved in the client, and can be divided into memory cookies and hard disk cookies by their saved locations. Memory cookies are maintained by the browser, stored in memory, and disappear after the browser is closed; the hard disk cookie is saved in the hard drive, there is an expiration time, unless the user manually clean up or to expire time, the hard disk cookie will not be deleted, the existence time is long-term. By time of existence can be divided into non-persistent cookies and persistent cookies.

Common terms:

Session Cookie: Only exists during user's use of the site, a Web browser will delete Sessioncookie on exit

Persistent Cookie: will be longer than the user's session.

Secure Cookie: means that the cookie has a secure attribute and can only be used over HTTPS to ensure that the cookie is always encrypted during transmission.

HttpOnly cookies: They are only used when transmitting HTTP/HTTPS requests, which restricts access to other non-HTTP APIs.

Third-party Cookie: The domain name set in the cookie is not the same as the domain name in the browser address bar; The First-party cookie refers to the domain name set in the cookie as the domain name in the browser's address bar or its sub-domain name;

Super-cookie is a cookie that sets the domain name as a public suffix, such as. com,.org.

Zombie Cookie: Any cookie that is automatically created after a user deletes a cookie.

Role:

Session Management: Cookies can be used to maintain and user-related data during a user's visit to the site.

Personalization: Remember the information that some users visit the site and display relevant content when they visit again in the future.

Tracking: Can be used to track users ' habits of accessing the Internet.

HTTP session:

The session is a server mechanism, and the server generally uses a hash table-like structure to store information.

　　

　　

Fundamentals of Web Application Technology