HTTP protocol is an application layer protocol, which consists of request and response, is a standard client server-side model and is a stateless protocol.
The HTTP protocol is usually hosted on top of the TCP protocol, sometimes hosted on a TLS or SSL protocol layer, which forms https. The HTTP protocol port is 80,HTTPS protocol port 443.
Web server, browser, proxy server:
When we enter the URL, the browser sends a Request,web server to the Web server, processes the request, generates the corresponding response and sends it to the browser, and the browser parses the HTML in the response so that we can see the page.
It is also possible that our request has passed through the proxy server before it arrives at the Web server. Its main functions are as follows:
(1) Improve the speed of access, most of the proxy server has a cache function.
(2) Break the limit, that is FQ.
(3) Hide identity.
URL Details:
The URL address is used to describe a resource on a network in the following format:
schema://host[:p ort#]/path/.../[;url-params][?query-string][#anchor]
Schema: Specify protocol for low-level use (e.g. http,https,ftp)
IP address or domain name of the host:http server
The default port for the Port#:http server is 80, in which case the lower number can be omitted. If another port is used, it must be indicated.
Path: Access the paths to the resources.
Url-params:
Query-string: Data sent to the server.
HTTP protocol is stateless, the same client's request and the last request is not the corresponding relationship, for the HTTP server, it does not know that two requests from
The same client. To solve this problem, the Web application introduced a cookie mechanism to maintain state.
Message structure:
Request: Divided into 3 parts. The first part is called the request line, the second part is called the HTTP header, and the third part has a blank line between the Body,header and the body.
Method/path-to-resource Http/version-number
Header-name-1:value
Header-name-2:value
Optional Request Body
(1) method means a request, such as "post", "get".
(2) Path-to-resource represents the requested resource.
(3) Http/version-number represents the version number of the HTTP protocol.
Response: Divided into 3 parts, the first part is called Request line, the second part is called the request header, the third part is the empty line between Body,header and body
Http/version-number Status Code message
Header-name-1:value
Header-name-2:value
Optional Request Body
(1) Http/version-number indicates the version number of the HTTP protocol
(2) Status Code State code
(3) Message status information
The difference between get and post:
1. Get submitted data will be placed after the URL, to split the URL and transfer data, the parameters are connected with &, such as editposts.aspx?name=test1&id=123456. The Post method is to put the submitted data in the body of the HTTP packet (so the body is empty under Get mode).
2. The data size of the Get commit is limited (because the browser has a limit on the length of the URL), and there is no limit to the data submitted by the Post method.
3. The Get method needs to use Request.QueryString to get the value of the variable, while the Post method obtains the value of the variable by Request.Form.
4. The Get method submits the data, which brings security issues, such as a login page, when the data is submitted by get, the user name and password will appear on the URL, if the page can be cached or other people can access the machine, you can obtain the user's account and password from the history.
Status code:
http1.1 defines the status code in 5:
1XX: The message indicates that the request has been successfully received and continues processing.
2XX: Successful, indicates that the request has been successfully received, understood, received.
3xx: Redirect, to complete the request must be further processed. The redirect status code is used to tell the browser client that the resource they are accessing has been moved, and the Web server sends a redirect status code and an optional location Header to tell the client where the new resource address is. The browser client will automatically resend the new request with the address provided in location.
4XX: Client error, request syntax error or request could not be completed.
5XX: Server-side error, the server failed to implement a legitimate request.
Common Status Codes:
OK: Indicates that the request was successfully accepted and completed, and the requested resource was sent back to the client.
302 Found: The removal here is temporary and the client will resend the new HTTP Request using the URL given in the location.
304 Not Modified: Indicates that the last requested document cache is up-to-date, that is, the requested document has not changed and is directly using client-side caching.
If you do not want to use the local cache, use CTRL+F5 to force the page to refresh.
Bad Request: There was an error in the data sent to the request (there was an error in the form and a cookie error). The client request has a syntax error and cannot be understood by the server side.
403 Forbidden: The server receives the request but refuses to provide the service.
404 Not Found: The requested resource does not exist.
Internal Server Error: The server has unexpected errors and cannot service the request.
503 Service Unavailable: The server is currently unable to service the request, but it can be resumed over a period of time.
HTTP Request Header:
Cache header field:
(1) If-modified-since: The last modification time of the browser-side cache page is sent to the server, the server will compare this time with the last modification time of the actual file on the server, if the time is consistent, then return 304 (not Modified), The client uses the local cache file directly. If not, 200 and new file contents will be returned. After the client receives it, it discards the old files, caches the new files, and displays them in the browser. For example: If-modified-since:thu, 09:07:57 GMT this time back and response header in entity Last-modified:web,thu, 2012 09:07 : 304 GMT For comparison, the same time back to the client cache.
(2) The If-none-match:if-none-match works with the ETag and works by adding etag information to the HTTP response. When the user requests the resource again, the If-none-match information is added to the HTTP request, and the server verifies the value of the If-none-match and the ETag, compares it, and, if the value is the same, returns 304 if the resource is not updated. Use local cache resources directly. Otherwise, 200 and new content are returned, and the cache is re-cached.
(3) Pragma: Prevents the page from being cached.
(4) Cache-control: Used to specify the caching mechanism that requests and responses follow. Cache-control:no-cache means that all content is not cached.
Client header domain:
(1) Accept: The type of media the browser can accept. For example, accept:text/html means that the browser receiving server sends back a type of text/html that is what we often call HTML documents. accept:*/* indicates that the browser can handle all types (most commonly used).
(2) Accept-encoding: The browser declares itself to receive the encoding method, usually specifies the compression method, whether compression is supported, what compression is supported. For example: Accept-encoding:gzip,deflate.
(3) Accept-language: The browser affirms the language it receives. For example: accept-language:en-us.
(4) User-agent: Tell the HTTP Server the name and version number of the operating system and browser used by the client.
(5) Accept-charset: The browser affirms its own received character set, such as Gb2312,urf-8.
Cookie/login header domain: The most important header, the value of the cookie is sent to the HTTP server.
Entity header field:
(1) Content-length: The length of the data sent to the HTTP server. For example: content-length:38.
(2) Content-type:
Transport Header field:
(1) connection:keep-alive indicates that the client and server side TCP connections do not close when a Web page is opened. This established connection is used when the request is made again.
(2) Host: The request header domain is used primarily to specify the Internet host and port number of the requested resource.
HTTP Response Header:
Cache header field:
(1) Data: The specific date and time when the message was generated.
(2) Expires: The browser will use the local cache for the specified expiration time.
Cookie/login header field:
(1) P3P: Used to set cookies across domains, which resolves an issue where the iframe accesses cookies across domains.
(2) Set-cookie: Used to send cookies to the client browser, each write cookie generates a Set-cookie.
The other basic is no different from the request header.
HTTP Keep-alive Effect:
Keep-alive makes the client-to-server connection persistent, and when subsequent requests are made to the server side, Keep-alive avoids re-establishing the connection and uses the established connection directly.
Disadvantage: Resources that could have been freed during the processing pause are still occupied.
Several parameters: Keep-alive timeout=5,max=100
Timeout: The expiration time is 5 seconds. Max: Force disconnect after up to 100 requests.
http1.0: Keep-alive is turned off by default in http1.0. If the client browser supports keep-alive, add a conntion:keep-alive to the HTTP request header when
When the server receives a request with conntion:keep-alive, it adds conntion:keep-alive to the response header to make the client-server connection
Be kept. When a client sends another request, it is using an existing connection.
http1.1: Keep-alive is turned on by default in http1.1, all connections are persisted unless indicated in the request header or response header to close: Connection:close.
Well, the above basic is to see the summary of information learning. If there is anything wrong, please correct me.
This article is the original blogger, reproduced please indicate the source.
HTTP protocol Detailed