First, the Primer
HTTP, or Hypertext Transfer Protocol, is the most important Web application-layer standard on the Internet. Application systems built on the B/S (browser/server) architecture use HTTP to transfer data between the client and the server. HTTP can transmit data in any format, from text to images and even video streams.
Second, the HTTP process
HTTP is the standard protocol for communication between Web browsers and Web servers, and is an important basis for reliably exchanging files on the Internet.
Each HTTP site has a server process that listens on a TCP port for HTTP. The HTTP port defaults to 80, but the server process can be set to use a different port. When the server finds that a client has established a connection and submitted an HTTP request, it performs the appropriate action based on the requested content and returns the result to the client (the response). A user typically initiates a network access from the browser in the following steps:
- Enter the URL and press the Enter key, for example to access http://mysite:8080/app/index.html
- The browser uses the Domain Name System (DNS) to look up the real IP address of mysite, such as 212.34.98.20
- Initiate a TCP connection request and establish a connection to port 8080 of the server 212.34.98.20
- Send the contents of the HTTP request, including the address being accessed (/app/index.html), the access method (GET), the product name of the browser itself, etc.
- The server returns the data in /app/index.html to the client as the response. If the request is not for a file, the server executes the corresponding code, generates the content dynamically and returns it to the client
- Close the TCP connection to the server after the browser receives the results
- The browser renders the received results on the display
Note: Domain name resolution itself is not part of HTTP; the client should complete domain name resolution through a DNS server before establishing a TCP connection to the server.
The above is the most typical HTTP process. Today's HTTP versions also allow the client to leave the TCP connection open after an HTTP request completes, so that the connection is reused when the second HTTP request is sent, which reduces the overall overhead of the system. In HTTP this is called keep-alive.
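The steps above, including connection reuse with keep-alive, can be followed with raw sockets. This is an added example, not part of the original article: it starts a throwaway server on 127.0.0.1 so it runs offline, and DemoHandler, read_one_response, fetch_twice and the demo-client User-Agent are names assumed for the illustration.

```python
import re
import socket
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

class DemoHandler(BaseHTTPRequestHandler):
    protocol_version = "HTTP/1.1"  # lets the server keep the connection open

    def do_GET(self):
        body = b"<html>index</html>"  # constructed sample page
        self.send_response(200)
        self.send_header("Content-Type", "text/html; charset=utf-8")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):  # silence per-request logging
        pass

def read_one_response(stream):
    """Read the head up to the blank line, then Content-Length bytes of body."""
    head = b""
    while not head.endswith(b"\r\n\r\n"):
        line = stream.readline()
        if not line:
            raise ConnectionError("server closed the connection early")
        head += line
    length = int(re.search(rb"(?i)^content-length:\s*(\d+)", head, re.M).group(1))
    return head.split(b"\r\n", 1)[0].decode("ascii"), stream.read(length)

def fetch_twice(path="/app/index.html"):
    server = HTTPServer(("127.0.0.1", 0), DemoHandler)  # port 0: any free port
    threading.Thread(target=server.serve_forever, daemon=True).start()
    host, port = server.server_address
    # Name-to-address step; a numeric host needs no DNS server, a site name would.
    addr = socket.getaddrinfo(host, port, socket.AF_INET, socket.SOCK_STREAM)[0][4]
    request = (f"GET {path} HTTP/1.1\r\nHost: {host}:{port}\r\n"
               "User-Agent: demo-client\r\nConnection: keep-alive\r\n\r\n").encode("ascii")
    results = []
    try:
        # One TCP connection carries both requests: the keep-alive case.
        with socket.create_connection(addr) as sock, sock.makefile("rb") as stream:
            for _ in range(2):
                sock.sendall(request)
                results.append(read_one_response(stream))
    finally:
        server.shutdown()
        server.server_close()
    return results
```

Calling fetch_twice() returns the status line and body of both responses, read from the same socket.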
Third, HTTP message structure
Request message structure
The two HTTP messages (request and response) use different message structures. The request format is as follows:
[request method] [URL] [protocol version]
[header field 1]: value 1
...
[header field n]: value n

[message body]
The format consists of two parts: the message header (HTTP head) and the message body (HTTP body). The message body has no fixed format; the head and body are separated by a blank line. The request method, URL, protocol version and header fields in the format above belong to the message header. Common message formats include HTML, XML, JSON and so on.
HTTP/1.1 200 OK
Date: Wed, 04 Jul 2018 08:30:38 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 8092
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: private, max-age=10
Expires: Wed, 04 Jul 2018 08:30:48 GMT
Last-Modified: Wed, 04 Jul 2018 08:30:38 GMT
X-UA-Compatible: IE=10
Response message structure
The response is the result that the server returns to the client based on the client's request. It has the following format:
[protocol version] [error code] [error string]
[header field 1]: value 1
...
[header field N]: value N

[message body]
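The two layouts above can be checked with a small parser. This is an added example, not code from the original article; parse_http_message and the two sample messages are constructed for the illustration. It rejects a missing blank line, a malformed header line, and a Content-Length that conflicts or disagrees with the body.

```python
def parse_http_message(raw: bytes) -> dict:
    """Split a raw HTTP/1.x request or response into first line, headers, body."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("missing blank line between head and body")
    lines = head.decode("iso-8859-1").split("\r\n")
    parts = lines[0].split(" ", 2)
    if len(parts) != 3:
        raise ValueError(f"malformed first line: {lines[0]!r}")
    if parts[0].startswith("HTTP/"):   # response: version, code, string
        msg = {"kind": "response", "version": parts[0],
               "code": int(parts[1]), "reason": parts[2]}
    else:                              # request: method, URL, version
        msg = {"kind": "request", "method": parts[0],
               "url": parts[1], "version": parts[2]}
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        # A field name must be non-empty with no whitespace before the colon.
        if not colon or not name or name != name.strip():
            raise ValueError(f"malformed header line: {line!r}")
        headers.setdefault(name.lower(), []).append(value.strip())
    lengths = set(headers.get("content-length", []))
    if len(lengths) > 1:
        raise ValueError("conflicting Content-Length values")
    if lengths and int(next(iter(lengths))) != len(body):
        raise ValueError("Content-Length does not match body size")
    msg["headers"], msg["body"] = headers, body
    return msg

# Constructed sample messages (the path and form fields are made up).
SAMPLE_REQUEST = (b"POST /app/form HTTP/1.1\r\n"
                  b"Host: mysite:8080\r\n"
                  b"Content-Type: application/x-www-form-urlencoded\r\n"
                  b"Content-Length: 20\r\n"
                  b"\r\n"
                  b"name=alice&role=user")
SAMPLE_RESPONSE = (b"HTTP/1.1 200 OK\r\n"
                   b"Content-Type: text/html; charset=utf-8\r\n"
                   b"Content-Length: 13\r\n"
                   b"Connection: keep-alive\r\n"
                   b"\r\n"
                   b"<html></html>")

if __name__ == "__main__":
    print(parse_http_message(SAMPLE_REQUEST))
    print(parse_http_message(SAMPLE_RESPONSE))
```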
Common header fields
- Accept: sets the accepted content type. Example: Accept: text/plain
- Accept-Charset: sets the accepted character encoding. Example: Accept-Charset: utf-8
- Accept-Encoding: sets the accepted encoding format. Example: Accept-Encoding: gzip, deflate
- Accept-Datetime: sets the accepted version time. Example: Accept-Datetime: Thu, 2007 20:35:00 GMT
- Accept-Language: sets the accepted language. Example: Accept-Language: en-US
- Authorization: sets the credentials for HTTP authentication. Example: Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
- Cache-Control: sets the directives that all caching mechanisms along the request-response chain must follow. Example: Cache-Control: no-cache
- Connection: sets control options for the current connection and the list of hop-by-hop request fields. Examples: Connection: keep-alive and Connection: Upgrade
- Content-Length: sets the byte length of the request body. Example: Content-Length: 348
- Content-MD5: sets the Base64-encoded binary MD5 digest of the request body content. Example: Content-MD5: Q2hlY2sgSW50ZWdyaXR5IQ==
- Content-Type: sets the MIME type of the request body (for POST and PUT requests). Example: Content-Type: application/x-www-form-urlencoded
- Cookie: sets the HTTP cookie that the server sent using Set-Cookie. Example: Cookie: $Version=1; Skin=new;
- Date: sets the date and time the message was sent. Example: Date: Tue, 1994 08:12:31 GMT
- Expect: identifies specific behavior that the client requires. Example: Expect: 100-continue
- Forwarded: discloses the source information of a client connecting to a Web service through an HTTP proxy. Examples: Forwarded: for=192.0.2.60;proto=http;by=203.0.113.43 and Forwarded: for=192.0.2.43, for=198.51.100.17
- From: sets the email address of the user sending the request. Example: From: [email protected]
- Host: sets the server's domain name and TCP port number; if the standard port for the requested service is used, the port number can be omitted. Examples: Host: en.wikipedia.org:8080 and Host: en.wikipedia.org
- If-Match: sets the client's ETag; the request is executed only when the client ETag matches the ETag generated by the server. This is suited to updating a resource that has not changed since the last update. Example: If-Match: "737060cd8c284d8af7ad3082f209582d"
- If-Modified-Since: sets an update time; if the resource has not changed between that time and the server accepting the request, the server is allowed to return 304 Not Modified. Example: If-Modified-Since: Sat, Oct 1994 19:43:31 GMT
- If-None-Match: sets the client ETag; if it is the same as the ETag the server generates when accepting the request, the server is allowed to return 304 Not Modified. Example: If-None-Match: "737060cd8c284d8af7ad3082f209582d"
- If-Range: sets the client ETag; if it is the same as the ETag the server generates when accepting the request, the server returns the missing part of the entity, otherwise it returns the entire new entity. Example: If-Range: "737060cd8c284d8af7ad3082f209582d"
- If-Unmodified-Since: sets an update time; the server sends a response only if the entity has not changed between that time and the server accepting the request. Example: If-Unmodified-Since: Sat, Oct 1994 19:43:31 GMT
- Max-Forwards: limits the number of times a proxy or gateway may forward the message. Example: Max-Forwards: 10
- Origin: identifies a cross-origin resource request (asks the server to set the Access-Control-Allow-Origin response field). Example: Origin: http://www.example-social-network.com
- Pragma: sets implementation-specific fields that may have various effects along the request-response chain. Example: Pragma: no-cache
- Proxy-Authorization: sets the authentication information for connecting to a proxy. Example: Proxy-Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
- Range: requests part of an entity by setting the byte range of the requested entity, as described under byte serving in HTTP/1.1. Example: Range: bytes=500-999
- Referer: sets the address of the previous page, whose link pointed to the current request; that is, if the current request is sent from page A, Referer is the URL of page A. (Anecdote: the correct spelling of the word is "referrer", but many specifications spell it "Referer", so that spelling became the standard usage.) Example: Referer: http://en.wikipedia.org/wiki/Main_Page
- TE: sets the transfer encodings that the user agent is willing to accept, with the same values as the Transfer-Encoding field in the response header. Example: TE: trailers, deflate
- Upgrade: asks the server to upgrade the protocol. Example: Upgrade: HTTP/2.0, HTTPS/1.3, IRC/6.9, RTA/x11, websocket
- User-Agent: the user agent string. Example: User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:12.0) Gecko/20100101 Firefox/21.0
- Via: notifies the server of the proxies the request passed through. Example: Via: 1.0 fred, 1.1 example.com (Apache/1.1)
- Warning: a general warning about issues that may occur with the entity. Example: Warning: 199 Miscellaneous warning
Common non-standard request header fields
- X-Requested-With: identifies AJAX requests; most JS frameworks set it to XMLHttpRequest when sending requests. Example: X-Requested-With: XMLHttpRequest
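Common error codes
- 200: A correct request returns the correct result. If you do not want to subdivide successful results, all of them can simply return 200.
- 201: The resource was created correctly. For example, if we POST a username and password and a user is created correctly, 201 can be returned.
- 202: The request is correct, but the result is still being processed. The client can keep requesting through polling or a similar mechanism.
- 203: The proxy server modified the content of the 200 response returned by the origin server. For example, we request user information from server A through a proxy server; server A responds normally, but the proxy server hits its cache and returns its own cached content. It then returns 203 to tell us that this information is not necessarily the latest, and we can judge and handle it ourselves.
- 300: The request succeeded, but the result has multiple choices.
- 301: The request succeeded, but the resource has been permanently moved. For example, what we are downloading is not at this address and we need to go to the new address.
- 303: Use GET to access the new address to obtain the resource.
- 304: The requested resource has not been modified.
- 308: Use the original request method to obtain the resource through the new address.
- 400: The request contains an error, such as incorrect request headers.
- 401: No authentication information was provided, for example the request did not carry a token.
- 402: A status code reserved for future use.
- 403: Access to the requested resource is not allowed, that is, there is no permission.
- 404: The requested content does not exist.
- 406: The requested resource does not meet the requirements.
- 408: The client request timed out.
- 413: The request body is too large.
- 415: The type is incorrect.
- 416: The requested range is invalid.
- 500: Server error.
- 501: The request has not been implemented yet.
- 502: Gateway error.
- 503: The service is temporarily unavailable, for example the server happens to be restarting to update its code.
- 505: The requested HTTP version is not supported.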
Fourth, HTTP request methods
- DELETE: Removes the information at the given address
- GET: Gets information from the accessed address, that is, both the information header and the information body. This is one of the most important HTTP access methods on the Internet.
- HEAD: Gets information from the accessed address. The difference from GET is that HEAD only gets the information header and does not get the information body. If GET access is declared in a Flask route, the HEAD access method does not need to be declared separately
- OPTIONS: Provides a way for clients to query "which access methods are available at this URL address"
- POST: The client submits new data to the server via POST access; the server must ensure that the data is stored intact, and the server does not allow duplicate POST data submissions. This is the method used to submit data to a URL through forms (form) in HTML.
- PUT: Similar to the POST access method, PUT is also a way for the client to submit data to the server, but PUT allows the client to submit data with a duplicate primary key: when the server finds existing data with the same primary key during PUT access, it overwrites the data already on the server with the newly submitted data.