introduction of HTTP and its communication mechanismHTTP (hypertext Transfer Protocol) is a set of rules for computers to communicate over a network. Computer experts design HTTP to enable HTTP clients (such as Web browsers) to request information and services from an HTTP server (Web server). HTTP Current protocol version is 1.1.HTTP is a stateless protocol, stateless refers to the Web browser and the Web server does not need to establish a persistent connection, which means when a client makes a request to the server, and then the Web server returns a response (response), The connection is closed and information about the connection is not maintained on the server side. HTTP follows the request/answer (Response) model. The Web browser sends a request to the Web server, and the Web server processes the request and returns the appropriate answer. All HTTP connections are constructed as a set of requests and responses. HTTP uses content types, which are the types of files that the Web server returns to a Web browser. All of these types are modeled on the MIME Internet Mail protocol, where the Web server tells the Web browser what kind of file it has, whether it is an HTML document, a GIF format image, a sound file, or a standalone application. Most Web browsers have a series of configurable helper applications that tell the browser how to handle the various types of content that the Web server sends over. The HTTP communication mechanism is that during a complete HTTP communication, the following 7 steps will be completed between the Web browser and the Web server: (1) Establish a TCP connection before HTTP work begins, the Web browser first establishes a connection to the Web server over the network, which is done through TCP, which works with the IP protocol to build the Internet, known as the TCP/IP protocol family, So the internet is also known as a TCP/IP network. HTTP is a higher level of application-level protocol than TCP, according to the rules, only the lower layer protocol is established before the connection can be more protocol, so the first to establish a TCP connection, the port number of the general TCP connection is 80 (2) Web browser sends a request command to a Web server once a TCP connection is established, the Web browser sends a request command to the Web server for example: get/sample/hello.jsp http/1.1 (3) After the Web browser sends the request header information The browser sends its request command, it also sends some other information to the Web server in the form of header information, and then the browser sends a blank line to notify the server that it has ended sending the header information. (4) After the Web server answers the client to make a request to the server, the server responds to the client, and the first part of the http/1.1 is the protocol version number and the response status Code (5). The Web server sends the reply header information, just as the client sends information about itself along with the request, and the server sends the user with the answer about its own data and the requested document. (6) After the Web server sends a data Web server to the browser to send the header information to the browser, it sends a blank line to indicate that the header information is sent to the end, and then it sends the actual data requested by the user in the format described in the Content-type reply header information (7) A Web server shuts down a TCP connection in general, once the Web server sends the request data to the browser, it closes the TCP connection and then if the browser or server joins this line of code in its header connection: The KEEP-ALIVETCP connection will remain open after sending, so the browser can continue to send requests through the same connection. Maintaining a connection saves the time it takes to establish a new connection for each request and also saves network bandwidth.
HTTP request format when the browser makes a request to the Web server, it passes a block of data to the server, which is the request information, and the HTTP request information consists of 3 parts: l Request method URI Protocol/version L Requests header (Request header) L Request body Below is an example of an HTTP request: Get/sample.jsphttp/1.1accept:image/gif.image/jpeg,*/*accept-language:zh-cnconnection: keep-alivehost:localhostuser-agent:mozila/4.0 (compatible; MSIE5.01; Window NT5.0) accept-encoding:gzip,deflate username=jinqiao&password=1234 (1) The first line of the request method URI Protocol/version request is "Method URL negotiation/version": get/sample.jsp http/1.1 the "GET" in the code above represents the request method, "/sample.jsp" represents the URI, "http/1.1 represents the version of the Protocol and Protocol. HTTP requests can use a variety of request methods, depending on the HTTP standard. For example: HTTP1.1 supports 7 methods of request: GET, POST, HEAD, OPTIONS, PUT, delete, and Tarce. In Internet applications, the most common method is get and post. The URL completely specifies the network resource to be accessed, usually with a relative directory relative to the root of the server, always beginning with a "/", and finally, the version of the Protocol that declares the use of HTTP during communication. (2) The request header request header contains many useful information about the client environment and the request body. For example, the request header can declare the language used by the browser, the length of the request body, and so on. accept:image/gif.image/jpeg.*/*accept-language:zh-cnconnection:keep-alivehost:localhostuser-agent:mozila/4.0 ( Compatible:msie5.01:windows NT5.0) accept-encoding:gzip,deflate. (3) There is a blank line between the request body request header and the request body, which is very important, which indicates that the request header has ended. Next is the request body. The request body can contain query string information submitted by the customer: username=jinqiao&password=1234 in the HTTP request for the example above, the body of the request has only one line of content. Of course, in real-world applications, the HTTP request body can contain more content. HTTP request method I only discuss get method with Post method L The Get method get method is the default HTTP request method, we use the Get method to submit the form data, but the form data submitted with the Get method is simply encoded, and it is sent as part of the URL to the Web server, therefore, If you use the Get method to submit form data, there is a security risk. For exampleHttp://127.0.0.1/login.jsp?Name=zhangshi&Age=30&Submit=%cc%E+%BD%BBFrom the URL request above, it is easy to identify what the form submits. (? ) In addition, the amount of data submitted cannot be too large because the data submitted by the Get method is part of the URL request. The Post method post method is an alternative to the Get method, which is primarily to submit form data to the Web server, especially large batches of data. The Post method overcomes some of the drawbacks of the Get method. When submitting form data through the Post method, the data is not sent as part of the URL request but as standard data to the Web server, which overcomes the drawback that the information in the Get method is not confidential and the amount of data is too small. Therefore, for security reasons and respect for user privacy, the Post method is usually used for form submission. From a programmatic point of view, if a user submits data through a GET method, the data is stored in the QUERY_STRING environment variable, and the data submitted by the Post method can be obtained from the standard input stream. HTTP replies are similar to HTTP requests, and HTTP responses are made up of 3 parts, namely: L Protocol Status Version Code description L response Header (Response header) L response body Below is an example of an HTTP response: http/1.1 okserver: Apache tomcat/5.0.12date:mon,6oct2003 13:23:42 gmtcontent-length:112 The Protocol status code describes the first line of the HTTP response similar to the first line of the HTTP request, which indicates that the protocol used by the HTTP1.1 server has successfully processed the client-issued request (200 indicates success): http/1.1 OK
The response header (Response header) also contains many useful information, such as server type, datetime, content type, and length, as well as the request header: Server:apache tomcat/5.0.12date:mon,6oct2003 13:13:33 gmtcontent-type:text/htmllast-moified:mon,6 OCT 2003 13:23:42 gmtcontent-length:112 Response Body Response body is the HTML page returned by the server: . L The HTTP answer code HTTP answer code, also known as the status Code, reflects the status of the Web server processing HTTP requests. The HTTP answer code consists of 3 digits, with the first number defining the type of the answer code: the 1xx-Information Class (information), which indicates that a Web browser request is being received, the 2xx-Success Class (successful) is being further processed, indicating that the user request was received correctly, Understanding and Handling For example: the ok 3xx-redirect Class (redirection), which indicates that the request was unsuccessful and that the customer must take further action. 4xx-Client error, which indicates that the client submitted a request with an error such as: 404 not Found means that the document referenced in the request does not exist. 5xx-Server errors (server error) means that the server cannot complete the processing of the request: 500 For our web developers, mastering HTTP answer codes can help improve the efficiency and accuracy of Web application debugging. One of the most common uses of secure connection Web Apps is e-commerce, which allows people to shop online using Web server-side programs, and it's important to point out that by default, sending information over the Internet is unsafe, and if someone happens to intercept a message you've sent a friend, He can open it, imagine that there is a credit card number in it, how bad it can be, fortunately, many Web servers and Web browsers have the ability to create secure connections so that they can communicate securely. The most common standard for providing secure connections over the Internet is the Secure Sockets Layer (secure Sockets layer,ssl) protocol. The SSL protocol is an application-layer protocol (like HTTP) that is used to securely exchange data on the Web and SSL uses a public key-encoding system.In essence, this means that each party in the business has a public and a private key. When a party encodes a public key using the other party, only the person with the matching key can decode it. In short, public key encoding provides a secure way to exchange data between two parties, after the SSL connection is established, both the client and the server exchange the public key and validate it before the business contact, and once both keys are authenticated, the data can be exchanged securely.
=========================== Split Line ============================Introduction to HTTP request Methodsget and post are the two common methods of HTTP. What is HTTP? Hypertext Transfer Protocol (Hypertext Transfer Protocol-HTTP) is a protocol designed to enable clients and servers to communicate smoothly. HTTP works with Request-response protocol (Request-reply protocol) between the client and the server. Get-gets data from the specified server post-submits data to the specified server to handle the GET method: When using the Get method, the query string (key-value pair) is appended to the URL address and sent to the server:/test/demo_form.jsp?name1= Value1&name2=value2 Features:
- Get requests can be cached
- Get requests are saved in the browser's browsing history
- URL with Get request can be saved as browser bookmark
- Get request has a length limit
- Get requests are primarily used to obtain data
Post method: When using the Post method, the query string exists separately in the post message and is sent to the server with the HTTP request: post/test/demo_form.jsp http/1.1host:w3schools.comname1= Value1&name2=value2 Features:
- Post requests cannot be cached
- Post requests are not saved in browser browsing history
- The URL to post request cannot be saved as a browser bookmark
- POST request has no length limit
The difference between get and post: application/x-www-form-urlencoded or multipart/ Form-data. Please use multipart encoding for binary data
  |
GET |
post |
Click Back/ Refresh button |
|
data will be sent again (the browser will prompt the user" data is newly submitted ") |
add bookmark |
can |
can not |
cache |
can |
can not |
encoding type ( Encoding type) |
application/x-www-form-urlencoded | TD valign= "Top" style= "margin:0px; padding:3px; border:1px solid silver; Border-collapse:collapse ">
history |
There are |
no |
length limit |
There are |
no |
data type restrictions |
|
There is no limit. Allow binary data |
security |
query string is displayed in the URL of the address bar, not secure, do not submit sensitive data using GET requests |
Because data is not displayed in the address bar and is not cached or saved in the browsing history, it is safer to look at a post plea than a GET request, but it is not the safest way. If you need to transfer sensitive data, use encrypted mode to transfer the |
Visibility of |
The query string is displayed in the URL of the address bar, visible |
The query string is not displayed in the Address bar, not visible
|
other HTTP request MethodsThe difference between patch and put:
  |
patch |
put |
Action on an existing resource: |
is used to update part of the content of a resource, such as a field: A phone number field that only updates user information |
is used to update a more complete content of a resource, such as users to fill out the full form update all information Background processing updates may just keep the internal record ID unchanged |
When a resource does not exist: |
Lenovo to version control patch is to modify the original content May also produce a new version, such as when a resource When it fails, patches may go to create a new Resources, like saveorupdate operations |
Update operation is possible only for existing resources |
The method is to delete the resource on the specified URL through an HTTP request, and thedelete request typically returns 3 kinds of code:
(OK)-delete succeeded while returning the deleted resource
202(Accepted)-The delete request has been accepted but not immediately executed ( the resource may have been moved to the area to be deleted )
204(no Content)-The delete request has been executed, but no resources are returned (perhaps caused by a request to delete a non-existent resource)
HTTP in layman's HTTP requests and 15 of requests