HTTP protocol Learning Notes

Source: Internet
Author: User

I. Introduction of HTTP

The HTTP protocol is an abbreviation for the Hyper Text Transfer Protocol (Hypertext Transfer Protocol), which is used to transfer hypertext to the local browser from the World Wide Web (www:world Wide Web) server.

HTTP is based on the TCP/IP communication protocol to pass data (HTML files, image files, query results, etc.).

HTTP uses a Uniform Resource identifier (Uniform Resource Identifiers, URI) to transfer data and establish a connection. A URL (Uniformresourcelocator, Uniform Resource Locator) is a special type of URI that contains enough information to find a resource.

Second, the main features
    • HTTP is no connection: the meaning of no connection is to limit the processing of only one request per connection. When the server finishes processing the customer's request and receives the customer's answer, the connection is disconnected. In this way, the transmission time can be saved.
    • HTTP is media Independent: This means that any type of data can be sent over HTTP as long as the client and the server know what to do with the data content. The client and server specify that the appropriate Mime-type content type be used.
    • HTTP is stateless: The HTTP protocol is a stateless protocol. Stateless means that the protocol has no memory capacity for transactional processing. A lack of state means that if the previous information is required for subsequent processing, it must be re-routed, which may cause the amount of data to be transferred per connection to increase. On the other hand, it responds faster when the server does not need the previous information.

Third, HTTP message structure

Request

GET/Hello.TXT HTTP/1.1User-Agent: Curl/7.16. 3 Libcurl/7.16. 3 openssl/0.9.7l Zlib/1.2. 3host: Www. Example. Comaccept-language: En              

Request Method:

HTTP1.0 defines three methods of request: GET, POST, and head.

HTTP1.1 has five new request methods: Options, PUT, DELETE, TRACE, and CONNECT methods.

Response

HTTP/1.1 200OkDate: Mon, 27 Jul 2009 12:28:53GmtServer: ApacheLast-Modified: Wed, 22 Jul 2009 19:15:56 Gmtetag :  "34aa387-d-1568eb00"  Accept-ranges: Bytes Content-length: 51< Span class= "PLN" >vary: accept -encodingcontent-< Span class= "Typ" >type: Text/plain    

Response header information:

Allow
Which request methods are supported by the server (such as GET, post, etc.).
Content-encoding
The encoding (Encode) method of the document. The content type specified by the Content-type header can be obtained only after decoding.
Content-length
Represents the content length. This data is only required if the browser is using a persistent HTTP connection.
Content-type
Indicates what MIME type the following document belongs to. The servlet defaults to Text/plain, but it usually needs to be explicitly specified as text/html.
Date
The current GMT time.
Expires
When should I think that the document has expired so that it is no longer cached?
Last-modified
The last modification time of the document.
Location
Indicates where the customer should go to extract the document.
Refresh
Indicates how much time the browser should refresh the document, in seconds.
Server
Server name. The servlet generally does not set this value, but is set by the Web server itself.
Set-cookie
Sets the cookie associated with the page.
Www-authenticate
What type of authorization information should the customer provide in the authorization header? This header is required in an answer that contains a 401 (unauthorized) status line.

Four, HTTP status code

1** information, the server receives the request and requires the requestor to continue the operation
2** successful, operation is successfully received and processed
3** Redirect, requires further action to complete the request
4** Client error, request contains syntax error or cannot complete request
5** Server error, the server has an error while processing the request

Common Status Codes:

$ OK//client request succeeded
Bad Request//client requests have syntax errors and cannot be understood by the server
401 Unauthorized//request unauthorized, this status code must be used with the Www-authenticate header field
403 Forbidden//server receives request, but refuses to provide service
404 Not Found//request resource not present, eg: Wrong URL entered
Internal Server error//server unexpected errors
503 Server Unavailable//server is currently unable to process client requests and may return to normal after some time

V. HTTP request response steps

1. Client connects to Web server

An HTTP client, typically a browser, establishes a TCP socket connection with the HTTP port of the Web server (default is 80).

2. Sending HTTP requests

3. The server accepts the request and returns the HTTP response

4. Release the connection TCP connection

If the connection mode is close, the server actively shuts down the TCP connection, the client shuts down the connection passively, releases the TCP connection, and if the connection mode is keepalive, the connection is maintained for a period of time and the request can continue to be received;

5. client browser parsing HTML content

Vi. differences between get and post requests

1. Data submitted in different ways:

The data of the GET request is appended to the URL (that is, the data is placed in the HTTP protocol header), to split the URL and transfer data, multiple parameters with & connection; for example: Login.action?name=hyddd&password=idontknow &verify=%e4%bd%a0%E5%A5%BD. If the data is an English letter/number, sent as is, if it is a space, converted to +, if it is Chinese/other characters, the string is directly encrypted with BASE64, such as:%E4%BD%A0%E5%A5%BD, where the xx in%xx is the symbol in 16 binary notation ASCII.

The POST request places the submitted data in the package body of the HTTP packet.

2. The size limit for the transmitted data is different:

GET: Specific browsers and servers have a limit on URL length.

POST: The theoretical data is not limited because it is not transmitted via a URL. However, the actual Web server will be required to limit the size of the post submission data, Apache, IIS6 have their own configuration.

The security of the 3.POST is higher than the security of get.

HTTP protocol Learning Notes

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.