Format of HTTP request data

recently saw the TINYHTTPD Server Agent, looked at the HTTP request packet format and content

The HTTP request consists of three parts:

Request Line + request Header + data body

Request line contains three contents method + Request-uri + http-version

Method contains post, get, Head,delete, put, connect, options, Patch, PROPFIND, Propatch, MKCOL, copy, move, lock, UN Lock, Trace, head

Method:

get	request Uri get resources
post	to add a new resource for form submission
put	to modify a content
delete  ;	Delete a content
connect	for proxy transfer such as SSL
options	asks you to perform those methods
patch	part of the document.
propfind	View Properties
proppatch	setting Properties
mkcol	Create collection
copy	copy
move	move
lock	locking
unlock	unlock
trace	for remote diagnostics server
head	similar to Get

Main introduction to get method and post method

Get method:

Is the resource that describes the request in the URL, such as https://www.baidu.com/con?from=self?_t=1466609839126? After the data is the requested data, and the connection with the &,get method can also submit form data, but the submitted data in the URL, others can view the history of the URL to get the data you submitted, it is not safe

Post method:

The transfer data is not in the URL, but appears in the data segment, and the request header is much more secure than the Get method when the Content-type and Content-length,post submit the form data

Post method Submission Form and get method submission Form Single-phase comparison:

1>get Clear Text transmission, information attached to the URL, get clear text transmission, post more secure
2> Get transfer has size limit, should be 3k,post need to develop transport type
3 >get is used to get data, according to get variable call different data, post is used to submit data, submit user input data

The difference between the Get method and the Post method:

1>get is a request to send data to the server, and post is a request to submit data to the server
2>get is to obtain information, not to modify information, like database query function, the data will not be modified
The parameters of the 3>get request will be passed after the URL, the requested data will be appended to the URL, to split the URL and transfer data, the parameters are connected with &, XX in%xx for the symbol in 16 binary ASCII, if the data is English letter/number, sent as IS, If it is a space, converted to +, if it is Chinese/other characters, the string is directly encrypted with BASE64.
There is a size limit to the data transmitted by 4>get, because get commits data through a URL, so the amount of data that can be submitted is directly related to the length of the URL, and different browsers have different limits on the length of the URL.
5>get requested data will be cached by the browser, the user name and password will appear in plaintext on the URL, others can find historical browsing records, the data is not very safe. On the server side, use Request.QueryString to get the data submitted by the Get method
The 6>post request is sent to the Web server as the actual content of the HTTP message, the data is placed in the request body, and post does not restrict the submitted data. Post is safer than get, when the data is in Chinese or not sensitive data, then use GET, because use GET, parameters will be displayed in the address, for sensitive data and not Chinese characters of data, then use post
7>post represents the possibility of modifying a request to a resource on a server, and the data submitted by post can only be retrieved using Request.Form on the server side.

request lines such as: get/icwork/? Search = Product http/1.1

Request Header

The request header contains:

Accept : Refers to the MIME file format in which the browser or other customer can receive the love. The servlet can judge and return the appropriate file format based on it.

user-agent : is the customer browser name

Host : The Web name and port number in the URL.

Accept-langeuage : Indicates the type of language that the browser can accept, such as en or en-us, referring to English.

Connection: Used to tell the server whether a fixed HTTP connection can be maintained. HTTP is not connected, http/1.1 uses keep-alive as the default, so that when the browser needs multiple files (such as an HTML file and related graphics files), you do not need to establish a connection every time

Cookie: This property is used by the browser to send cookies to the server. Cookies are small data bodies that are stored in a browser, which can record user information related to the server, and can also be used to implement conversational functions.

Referer: Indicates the URL of the Web page that generated the request. If you click a link to a Web page from the Web/icconcept/index.jsp, Referer is http://hostname:8080/in the Get/icwork/search request sent to the server/icwork/search Icconcept/index.jsp. This property can be used to track what Web requests are coming from.

User-agent: Is the client browser name.

Content-type: The content type used for table name request. Can be obtained using the HttpServletRequest getContentType () method.

Accept-charset: Indicates the character encoding that the browser can accept. The default value for the English browser is iso-8859-1.

Accept-encoding: Indicates how the browser can accept the encoding. Encoding differs from file format in order to compress files and speed up file delivery. The browser decodes the Web response after it receives it, and then checks the file format.

Getf method Request headers such as:

Accept:image/webp,image/*,*/*;q=0.8accept-encoding:gzip, deflate, SDCH, braccept-language:en-us,en;q= 0.8connection:keep-alivecookie:pstm=1466499789; baiduid=d3a617ee01ffa9db9b7e3e5f0d3a01ee:fg=1; bidupsid=4aa34ec11075cb66b8bc9792dd422b6f; bduss= Vcc1m0cvqtynfgfmxtuw5kvtuydnbzumhiwfrxbnrlmnpidwv2odvxnhz1wkzyqvfbqufbjcqaaaaaaaaaaaeaaadkea1ztpo3rmfrt6zh0cfraaaaaaaaaaa Aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaac8salcvlgpxdz; bd_home=1; bd_upn=123353; bdrcvfr[fewj1vr5u3d]=i67x6tjhwwyf0; Bd_ck_sam=1; h_ps_pssid=19292_18286_1458_20318_18241_20369_17942_20388_19690_20417_18560_17001_15560_12277_20253; bdsvrtm=0host:www.baidu.comreferer:https://www.baidu.com/s?wd=http%20%e8%af%b7%e6%b1%82%e6%95%b0%e6%8d%ae%e7% 9a%84%e6%95%b0%e6%8d%ae%e5%8c%85%e6%a0%bc%e5%bc%8f&RSV_SPT=1&rsv_iqid=0x9b746a8000022af9&ISSP=1&f=8&RSV_BP=1&rsv_idx=2&ie=utf-8&rqlang=cn&tn=baiduhome_pg&rsv_enter=1&oq=http%20%e8%af%b7%e6%b1%82%e6%96%b9%e5%bc%8fpost%20url%e6%a0%bc%e5%bc%8f&rsv_t=59fb7cen5xgk8jfpqq7f7coy6k6dn5sgpemj1cdm4omoy0tgarj2l3fxoqy6f9lxoqoi&inputt=7936&RSV_PQ=ca5859d100027005&rsv_sug3=73&RSV_SUG1=12&rsv_sug7=100&rsv_sug2=0&rsv_sug4=32020user-agent:mozilla/5.0 (X11; Linux x86_64) applewebkit/537.36 (khtml, like Gecko) chrome/51.0.2704.79 safari/537.36

The request header of the Post method

Accept:*/*accept-encoding:gzip, deflate, Braccept-language:en-us,en;q=0.8authorization:basic WkEtMTE0MjcyNjAyMDY= Connection:keep-alivecontent-length:666content-type:application/jsonhost:zhihu-web-analytics.zhihu.comorigin: http://www.zhihu.comReferer:http://www.zhihu.com/question/41690822User-Agent:Mozilla/5.0 (X11; Linux x86_64) applewebkit/537.36 (khtml, like Gecko) chrome/51.0.2704.79 safari/537.36request Payloadview Source

By comparison, Content-type and Content-length.

Content-type: Represents the MIME type of the request style, note: Get's request message body is empty, so you do not need to specify the MIME type of the message body

Content-length: Indicates the length of the post data

For example, request data:

1 get/sample.jsphttp/1.1 2 accept:image/gif.image/jpeg,*/* 3 ACCEPT-LANGUAGE:ZH-CN 4 connection:keep-alive 5 Host:localhost 6 user-agent:mozila/4.0 (compatible; MSIE5.01; Window NT5.0)7accept-encoding:gzip,deflate8  9 username= Jinqiao&password=1234

First behavior HTTP request line, containing method, URI, and HTTP version

1-7 for the request header, including browser, host, accepted encoding and compression method

Line 8th indicates that a blank line indicates that the request header ends with an empty line that is required

Line 9th is the data body, such as information that needs to be queried.

The HTTP response body consists of three parts:

The HTTP response consists of three parts, namely the status line, the response header, and the response body.

The status line is by: Http-version+status-code+reason-phrase For example: http/1.1 OK, respectively, the HTTP version + status code + status codes text description status codes:

1xx	Indication information – Indicates that the request has been received and continues processing
2xx	Success – Indicates that the request has been successfully received, understood, accepted
3xx	REDIRECT – A further step must be made to complete the request.
4xx	Client Error – The request has a syntax error or the request cannot be implemented.
5xx	Server-Side Error – The server failed to implement a legitimate request.

Response header: Contains server type, date, length, content type, etc.

Server:apache tomcat/5.0.12date:mon,6oct2003 13:13:33 gmtcontent-type:text/htmllast-moified:mon,6 Oct 2003 13:23:42 gmtcontent-length:112

Response Body Response body is the HTML page returned by the server

Format of HTTP request data