HTTP explanation (1)-Working Principle

1. HTTP Overview

HyperText Transfer Protocol (Hyper Text Transfer Protocol) is a Transfer Protocol used to Transfer HyperText from a WWW server to a local browser. It makes the browser more efficient and reduces network transmission. It not only ensures that the computer transfers hypertext documents correctly and quickly, but also determines which part of the transmitted documents and which part of the content is first displayed (such as text before graphics.

Before learning how HTTP works, we should first understand the communication between computers.

2. Communication between computers

The key technology of the Internet is the TCP/IP protocol. The communication between the two computers is over the Internet through the TCP/IP protocol. In fact, there are two Protocols:

TCP: Transmission Control Protocol and IP: Internet Protocol.

IP: communication between computers

The IP protocol is a mechanism used by computers to identify and communicate with each other. Each computer has an IP address that identifies the computer on the internet. The IP address is responsible for sending and receiving packets over the Internet. Messages (or other data) are divided into small independent packages and transmitted between computers over the Internet. The IP address is responsible for routing each packet to its destination.

The IP protocol only allows computers to send messages to each other, but it does not check whether messages arrive in the sent order and is not damaged (only checks key header data ). In order to provide the message inspection function, the transmission control protocol TCP is designed directly on the IP protocol.

TCP: communication between applications

TCP ensures that the packets arrive in the correct order and tries to confirm that the content of the packets has not changed. TCP port over the IP address, which allows the computer to provide various services over the network. Some port numbers are reserved for different services, and these port numbers are well known.

Service or daemon: On the machine that provides the service, a program monitors the communication flow on a specific port. For example, most email communication flows out of port 25, and HTTP communication flows out of port 80 for wwww.

When an application wants to communicate with another application over TCP, it sends a Communication Request. This request must be sent to an exact address. After both parties "Shake hands", TCP will establish a full-duplex communication between two applications, occupying the entire communication line between two computers. TCP is used to control data transmission from applications to networks. TCP is responsible for dividing data into IP packets before data transmission, and then reorganizing them when they arrive.

The TCP/IP protocol works together with the IP protocol.

TCP is responsible for communication between application software (such as your browser) and network software. IP addresses are responsible for communication between computers. TCP is responsible for dividing and loading data into IP packets, and IP is responsible for sending the packets to the receiver. During transmission, the IP router is responsible for correctly addressing traffic, network errors, or other parameters, then they are combined again when they arrive.

 

3. protocol layer of the HTTP protocol

HTTP is based on the TCP protocol. For example, HTTP is the protocol at the application layer.

 

4. HTTP Request Response Model

HTTP consists of requests and responses. It is a standard client server model (B/S ). The HTTP protocol always initiates a request from the client, and the server returns the response. See:

 

HTTP is a stateless protocol. Stateless means that a persistent connection does not need to be established between the client (Web browser) and the server. This means that when a client sends a request to the server, the server returns a response ), the connection is closed and the connection information is not retained on the server. HTTP follows the request/response model. The client (browser) sends a request to the server. The server processes the request and returns an appropriate response. All HTTP connections are constructed into a set of requests and responses.

 

5. HTTP Workflow

An HTTP operation is called a transaction. The entire process is as follows:

1) Address Resolution,

Request this page with a client browser: http://localhost.com: 8080/index.htm

The protocol name, host name, port, object path, and other parts are decomposed. The resolution result for this address is as follows:
Protocol name: http
Host Name: localhost.com
Port 8080
Object Path:/index.htm

In this step, the Domain Name System DNS is required to resolve the domain name localhost.com and obtain the Host IP address.

2) encapsulate HTTP request data packets

Combine the above part with the local information and encapsulate it into an HTTP request packet

3) encapsulate it into a TCP packet and establish a TCP connection (TCP three-way handshake)

Before HTTP starts, the client (Web browser) must first establish a connection with the server through the network. The connection is completed through TCP, and the protocol and IP protocol jointly build the Internet, the famous TCP/IP protocol family, so the Internet is also called a TCP/IP network. HTTP is a higher-level application layer protocol than TCP. according to rules, only a lower-layer protocol can be established before connection to a higher-layer protocol can be established. Therefore, a TCP connection must be established first, generally, the port number of a TCP connection is 80. Port 8080

4) the client sends the Request command

After a connection is established, the client sends a request to the server in the format of Uniform Resource Identifier (URL), Protocol version number, the MIME information is followed by the request modifier, client information, and content.

5) Server Response

After receiving the request, the server sends a response in the format of a status line, including the Protocol version number of the message, a successful or wrong code, MIME information is followed by server information, entity information, and possible content.

After the server sends the header information to the browser, the entity message sends a blank line to indicate that the header information is sent to the end. Then, it sends the actual data requested by the user in the format described in the Content-Type response header information.

6) The server closes the TCP connection.

In general, once the Web server sends the request data to the browser, it must close the TCP connection. Then, if the browser or Server adds this line of code to its header information

Connection: keep-alive

The TCP connection remains open after being sent. Therefore, the browser can continue to send requests through the same connection. Keeping connections saves the time required to create new connections for each request and reduces network bandwidth.

 

 

6. Data streams at different layers in the HTTP protocol stack

First, let's take a look at the data organization of the protocols at each layer during client requests, such:

The server parses the client request as a reverse operation process, for example:

When the client initiates a request:

Customer opportunity to encapsulate requests into http data packets --> encapsulation into Tcp data packets --> encapsulation into Ip data packets ---> encapsulation into data frames ---> hardware converts frame data into bit streams (binary data) --> Finally, the physical hardware (NIC chip) is sent to the specified location.

The server hardware first receives the bit stream... and then converts it into an ip packet. Therefore, the Ip packet is parsed through the Ip protocol, and then the tcp packet is found in it. The tcp packet is parsed through the Tcp protocol, and then the http packet is parsed through the http protocol to obtain the data.

6. HTTPS implementation principle

HTTPS (full name: Hypertext Transfer
Protocol over Secure Socket Layer) is an HTTP channel designed for security. It is simply a Secure version of HTTP. That is, the SSL layer is added under HTTP, and the security foundation of HTTPS is SSL. The port number is 443.

There are two basic encryption and decryption algorithm types:

1) symmetric encryption: there is only one key, encryption and decryption are the same password, and encryption and decryption speed is fast. Typical symmetric encryption algorithms include DES and AES;

2) asymmetric encryption: Keys appear in pairs (the private key cannot be obtained based on the public key, or the public key cannot be obtained based on the private key). Different keys are used for encryption and decryption (public key encryption requires Private Key decryption, private key encryption requires Public Key decryption. Relatively symmetric encryption is slow. typical asymmetric encryption algorithms include RSA and DSA.

 
Let's take a look at the https communication process:

Advantages of https communication:

1) The key generated by the client can only be obtained by the client and the server;

2) Only the client and server can obtain the encrypted data in plaintext;

3) communication between the client and the server is secure.