In-depth understanding of HTTP protocol and principles (1)
1. Basic Concepts
1.1 Introduction
HTTP is short for Hyper Text Transfer Protocol. Its development is the result of cooperation between the World Wide Web Consortium and the Internet team IETF (Internet Engineering Task Force). They finally published a series of RFC, RFC 1945 defines HTTP/1.0. The most famous one is RFC 2616. RFC 2616 defines a common version of HTTP 1.1.
HyperText Transfer Protocol (Hyper Text Transfer Protocol) is a Transfer Protocol used to Transfer HyperText from a WWW server to a local browser. It makes the browser more efficient and reduces network transmission. It not only ensures that the computer transfers hypertext documents correctly and quickly, but also determines which part of the transmitted documents and which part of the content is first displayed (such as text before graphics.
HTTP is an application layer protocol consisting of requests and responses. It is a standard client server model. HTTP is a stateless protocol.
Position of 1.2 in TCP/IP protocol stack
The HTTP protocol is usually carried over the TCP protocol, and sometimes on the TLS or SSL protocol layer. At this time, we often say HTTPS. As shown in:
The default HTTP port number is 80, and the HTTPS port number is 443.
1.3 HTTP Request Response Model
The HTTP protocol always initiates a request from the client, and the server returns the response. See:
This restricts the use of the HTTP protocol and prevents the server from pushing messages to the client when the client does not initiate a request.
HTTP is a stateless protocol. This request on the same client does not correspond to the previous request.
1.4 Workflow
An HTTP operation is called a transaction. The procedure can be divided into four steps:
1) First, the client and the server need to establish a connection. Click a hyperlink to start HTTP.
2) After a connection is established, the client sends a request to the server in the format of Uniform Resource Identifier (URL), Protocol version number, the MIME information is followed by the request modifier, client information, and possible content.
3) after receiving the request, the server returns the corresponding response information in the format of a status line, including the Protocol version number of the information, a successful or wrong code, MIME information is followed by server information, entity information, and possible content.
4) The information returned by the client receiving server is displayed on the user's display screen through a browser, and the client is disconnected from the server.
If an error occurs in one of the preceding steps, the error message is returned to the client and displayed. For users, these processes are completed by HTTP. Users only need to click and wait for the information to be displayed.
1.5 Use Wireshark to capture TCP and http packets
Open Wireshark, select "Capture"-> "Options" on the toolbar, and select 1 on the interface:
Figure 1 set the Capture Option
Generally, you only need to select the top drop-down box, select the appropriate Device, and then click "Capture Filter". Here, "http tcp port (80)" is selected )", click Start to capture packets.
Figure 2 select Capture Filter
For example, open http://image.baidu.com/in the browser, and capture the packet as shown in 3:
Figure 3 packet capture
In, you can clearly see the interaction process between the client browser (ip Address: 192.168.2.33) and the server:
1) No1: the browser (192.168.2.33) sends a connection request to the server (220.181.50.118. This is the first step of TCP three-way handshake. It can be seen that it is SYN, seq: X (x = 0)
2) No2: the server (220.181.50.118) responded to the browser (192.168.2.33) request and asked for confirmation. The request is SYN and ACK. In this case, seq: y (y is 0), ACK: x + 1 (1 ). This is the second step of the three-way handshake;
3) No3: the browser (192.168.2.33) responded to the server (220.181.50.118) confirmation and the connection was successful. It is ACK. In this case, seq: x + 1 (1) and ACK: y + 1 (1 ). This is the third step of the three-way handshake;
4) No4: the browser (192.168.2.33) sends a page HTTP request;
5) No5: Server (220.181.50.118) confirmation;
6) No6: the server (220.181.50.118) sends data;
7) No7: Check the client browser (192.168.2.33;
8) No14: the client (192.168.2.33) sends an image HTTP request;
9) No15: Server (220.181.50.118) sends status response code 200 OK
......